Sports brand Mizuno hit with ransomware attack delaying orders

Sports equipment and sportswear brand Mizuno is affected by phone outages and order delays after being hit by ransomware, BleepingComputer has learned from sources familiar with the attack.

Mizuno is a Japanese sports equipment and sportswear company with over 3,800 employees and locations throughout Asia, Europe, and North America.

The company sells a wide variety of sports equipment but are best known for their golf clubs, running sneakers, and baseball gear.

Sources who spoke to BleepingComputer on the condition of anonymity said that Mizuno suffered a ransomware attack over the weekend of February 4th, targeting the USA corporate network.

This cyberattack led to significant business disruption, including phone outages, delays in shipping products, and website issues.

The attack leads to order delays

Customers began to notice the outage last Tuesday when the corporate phone systems no longer worked, and the website began displaying a banner warning of order delays.

“MIZUNO IS CURRENTLY EXPERIENCING SYSTEM OUTAGES. ORDER DELAYS MAY OCCUR,” a notice says at the top of the mizunousa.com website.

Customers who attempted to click on the Contact link for the website were shown messages saying there was an error connecting to that portion of the site.

If you have first-hand information about the Mizuno attack or other unreported cyberattacks, you can confidentially contact us on Signal at +16469613731 or on Wire at @lawrenceabrams-bc.

Customers told BleepingComputer that Mizuno support reps told them that their internal systems were down and they could no longer look up existing orders.

This was further confirmed by users on the Golf RWX forum who have been posting similar experiences since the outage.

“I just had a chat with an Mizuno representative aka ‘Caddy’, and Caddy told me their whole system is down so no one can even order anything(baseball, golf, softball, volleyball, swimming, training, ect products) from them at the moment.  Caddy also said they’re currently working on restoring their system and will be up and running tomorrow at the earliest but could be later than that,” a customer posted on the GolfWRX forums.

Other customers said they were told that shipping was delayed as Mizuno was unable to print shipping labels and that orders may be delayed up to a month.

The ransomware attack couldn’t have come at a worse time for Mizuno as they just launched their Mizuno Pro 221, 223, and 225 golf irons on February 3rd, which were preordered and eagerly anticipated by many customers.

Due to this, customers who preordered the irons have been facing delays with no way to contact the company for more information.

The IT outages are also affecting Mizuno resellers who can no longer access Mizuno’s ‘Direct Connect’ B2B website used by resellers to place orders.

Mizuno remains silent

As for Mizuno, they have been tight-lipped regarding the whole incident, not providing a public statement about what is causing their week-long outages or responding to multiple queries sent by BleepingComputer about the attack.

At this time, it is unknown what ransomware gang is behind the attack, but if the company does not pay a ransom, we will likely learn at a later date if the hackers publish stolen data.

This week has been bad for the sports industry, with the San Francisco 49ers confirming yesterday they suffered a ransomware attack by the BlackByte ransomware operation.

While details of the 49ers attack have not been disclosed, the threat actors have already started to leak invoices that they claim were stolen during the attack,

BleepingComputer will continue to try and contact Mizuno for more information and will update the story if we receive a response.