Cyber Incident Victim: Mizuno Corporation
Date:
Feb 2022
Location:
United States of America
Summary
A Japanese sports equipment manufacturer experienced a ransomware attack targeting its U.S. corporate network, causing widespread operational disruptions including phone system failures, website malfunctions, and significant order processing delays. Internal system outages prevented customer service representatives from accessing order information and halted the company's ability to generate shipping labels, potentially delaying deliveries by up to a month. The incident particularly impacted pre-orders for newly launched golf products and disrupted business-to-business operations by blocking reseller access to ordering platforms. Despite ongoing customer complaints and external confirmation of cyberattack details through anonymous sources and support communications, the organization maintained public silence regarding the incident's cause and did not disclose the responsible threat actor.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
Mizuno Corporation, a prominent Japanese sports equipment and apparel manufacturer with operations across Asia, Europe, and North America, experienced a disruptive ransomware attack targeting its U.S. corporate network during the weekend of February 4-5, 2022. The incident caused immediate operational disruptions, including corporate phone system failures, website malfunctions, and an inability to process orders or access internal systems. By February 8, customers began encountering prominent outage notifications on the mizunousa.com website stating "MIZUNO IS CURRENTLY EXPERIENCING SYSTEM OUTAGES. ORDER DELAYS MAY OCCUR," while attempts to access contact pages returned connection errors. Customer service representatives confirmed systemic IT failures prevented order lookups or status updates, leaving customers without recourse for inquiries. The attack coincided with the February 3 launch of Mizuno's highly anticipated Pro 221, 223, and 225 golf iron series, exacerbating frustrations among customers facing uncommunicated delays on pre-orders.
The ransomware's impact extended beyond consumer-facing operations to Mizuno's business-to-business infrastructure, paralyzing the 'Direct Connect' portal used by resellers to place wholesale orders. Shipping operations were severely impaired as staff could not generate shipping labels, with some customers advised of potential delays extending up to one month. Despite sustained operational paralysis lasting over a week and repeated inquiries from media outlets including BleepingComputer, Mizuno issued no public statements acknowledging the attack, its root cause, or mitigation efforts. The company's silence prevented confirmation of data theft or ransom demands, leaving the responsible threat actor unidentified. This incident occurred alongside the BlackByte ransomware attack on the San Francisco 49ers disclosed the same week, though no connection between the two events was established. Customer complaints persisted on forums like GolfWRX, documenting failed order fulfillment attempts and inadequate communication throughout the outage period.