Top yacht retailer MarineMax says cyberattack led to major online data breach
MarineMax suffers ransomware attack, but says things aren't too bad
MarineMax has confirmed suffering a cyberattack, thought to be ransomware, in which threat actors stole sensitive customer information.
In an 8-K form, filed with the Securities and Exchange Commission (SEC) on April 1, the company, one of the leading yacht sellers worldwide, said a third party “gained unauthorized access to portions of our information environment.”
This breach forced MarineMax to shut down parts of its infrastructure, resulting in “some disruption to a portion of the company’s business”.
Major ransom demands
Subsequent investigation determined that a “cybercrime organization” accessed a “limited portion” of MarineMax’s information environment associated with its retail business. While the company said that the information includes personally identifiable data, it did not provide further details. It added that the affected individuals would be notified in a timely fashion. The law enforcement was notified.
While MarineMax claims that the incident had no material impact on its operations, and continues to assess if that’s a possibility, hackers started selling the stolen data on the dark web.
A hacking group called Rhysida claimed responsibility for the attack and started advertising the database for $15 BTC (roughly $1 million). In the ad, the group shared a few screenshots of the stolen database, depicting MarineMax financial documents, employee driver’s licenses and passports, and more.
Having such sensitive data leak on the dark web just might have a material impact on MarineMax. Whether or not it will feel the data watchdog’s sting remains to be seen, as it reported $2.39 billion in revenue last year, with more than $800 million in gross profit.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Rhysida is a ransomware-as-a-service (RaaS) that first popped up last year. It was used in the recent attacks on the British Library and the Chilean Army, as well as against the U.S. Department of Health and Human Services.
Via BleepingComputer
More from TechRadar Pro
- Sony responds to alleged Insomniac Games hack, says ‘we are currently investigating this situation’
- Here's a list of the best firewalls around today
- These are the best endpoint security tools right now
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.