MarineMax boat seller reports cyberattack, data breach
Learn More
MarineMax, one of the world's largest sellers of recreational boats, yachts, and superyachts, is reporting a cyberattack that has partially disrupted its operations. The cyberattack began on Sunday, 10th of March 2024 and led to an unauthorized third party accessed parts of its information environment
The company enacted its incident response and business continuity protocols to contain the cyberattack. Some disruption to the company's operations occurred as a result of the attack and containment actions.
Despite the cyberattack, MarineMax has continued its operations and has engaged cybersecurity experts to assist in investigating the incident. Law enforcement has also been notified.
The company has not specified whether this was a ransomware attack or another type of cyber incident. Moreover, the impact of the attack on MarineMax's operations is not deemed "material" at this stage, and the company is in the process of assessing any potential future impacts.
MarineMax reassured that sensitive data was not stored within the impacted information environment.
Update - Rhysida ransomware group took responsibility for the attack and uploaded a sample of the data they allege to have taken from MarineMax. The collections of documents appear to be primarily of financial accounts.
As of 22nd of March 2024, Rhysida is auctioning data allegedly stolen from MarineMax on its dark web site, with the price starting at 15 bitcoin ($950,000).
MarineMax, confirmed the data breach in an SEC filings. The intrusion led to the exfiltration of limited data, which included customer and employee information, encompassing personally identifiable information (PII).
As of 17th of July 2024, MarineMax, sis notifying 123,494 individuals whose personal information was stolen in a March security breach claimed by the Rhysida ransomware gang. MarineMax have not disclosed what personal information was exfiltrated from its systems and if the data breach impacted both customers and employees.
