HQ/EMEAFind out how we can help your business
MarineMax, a prominent leisure boat and yacht retailer, has recently revealed that it suffered a cyberattack resulting in employee and customer data theft.
Based on reports, this Florida-based company initially claimed that the breached systems did not contain sensitive information. However, a subsequent filing late last month to the SEC disclosed that the attack had compromised the personal data of an unspecified number of individuals.
Moreover, this company stated that the cybercrime group managed to breach a portion of their information system associated with the retail business. Although the scope of the breach was limited, the attackers still extracted customer and employee information, including personally identifiable details. Currently, the company has refused to attribute the attack to any specific threat group.
The notorious Rhysida ransomware group has claimed responsibility for the MarineMax breach.
Researchers observed that the Rhysida ransomware claimed responsibility for the breach after advertising the stolen data owned by MarineMax. In addition, the group sells the database for 15 BTC, equivalent to just over $1 million.
The ransomware group included screenshots purportedly depicting MarineMax’s financial records, employee driver’s licenses, and passports on a dark web forum. These details further corroborate the severity of the breach.
Despite this sensitive database, Rhysida still seeks a buyer for the stolen data, indicating that the company has yet to comply with their ransom demands.
MarineMax, with its global presence, including over 130 locations, including dealerships and marinas, reported significant revenue of $2.39 billion last year, earning a gross profit of $835.3 million.
The Rhysida ransomware-as-a-service (RaaS) operation, a relatively new threat group that emerged only last year, has gained notoriety for its involvement in breaches targeting institutions such as the British Library and the Chilean Army.
Its affiliates have also been implicated in attacks against healthcare organisations, as highlighted in a joint advisory by CISA and FBI.
The advisory further shows the Rhysida ransomware group’s tendency to execute opportunistic attacks across various industries, making them a pervasive threat to different organisations. Lastly, the attack on MarineMax is another example of the increasing danger of notorious entities in the cybercriminal landscape. Organisations should bolster their cybersecurity defences to avoid the improving tactics of cybercriminal groups.
