Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

Top yacht retailer MarineMax says cyberattack led to major online data breach

Code Skull.

MarineMax has confirmed suffering a cyberattack, thought to be ransomware, in which threat actors stole sensitive customer information.

In an 8-K form, filed with the Securities and Exchange Commission (SEC) on April 1, the company, one of the leading yacht sellers worldwide, said a third party “gained unauthorized access to portions of our information environment.”

This breach forced MarineMax to shut down parts of its infrastructure, resulting in “some disruption to a portion of the company’s business”.

Major ransom demands

Subsequent investigation determined that a “cybercrime organization” accessed a “limited portion” of MarineMax’s information environment associated with its retail business. While the company said that the information includes personally identifiable data, it did not provide further details. It added that the affected individuals would be notified in a timely fashion. The law enforcement was notified. 

While MarineMax claims that the incident had no material impact on its operations, and continues to assess if that’s a possibility, hackers started selling the stolen data on the dark web.

A hacking group called Rhysida claimed responsibility for the attack and started advertising the database for $15 BTC (roughly $1 million). In the ad, the group shared a few screenshots of the stolen database, depicting MarineMax financial documents, employee driver’s licenses and passports, and more.

Having such sensitive data leak on the dark web just might have a material impact on MarineMax. Whether or not it will feel the data watchdog’s sting remains to be seen, as it reported $2.39 billion in revenue last year, with more than $800 million in gross profit.

Rhysida is a ransomware-as-a-service (RaaS) that first popped up last year. It was used in the recent attacks on the British Library and the Chilean Army, as well as  against the U.S. Department of Health and Human Services.

Via BleepingComputer

More from TechRadar Pro

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.