The Rhysida ransomware group has laid claim to the MarineMax cyber security breach.
The breach is believed to have begun on Sunday March 10 2024 leaving many of MarineMax’s internal systems unavailable.
Now, the Rhysida group is asking for a payment of 15 bitcoin – around US $774,415.65 – to return the yacht dealer’s ‘exclusive, unique, and impressive data’ otherwise it says the data will be sold to the highest bidder.
The group has posted several samples of the alleged stolen data, thought to include MarineMax earnings reports, balance sheets, bank account wire transfers, customer databases, and other financial documents.
In its regulatory filing statement to the Securities and Exchange Commission, MarineMax stated that it does not store sensitive data in the compromised environment.
The filing also stated that the incident has not had a material impact on the Company’s operations, and it is still in the process of determining whether the incident is likely to materially impact the Company’s financial conditions or results of operations.
MarineMax is thought to be the largest boat, yacht, and superyacht company in the world.
The dealer reported a record December quarter revenue of more than $500 million with a gross profit margin of 33.3%.
The Rhysida ransomware group has targeted organisations in various sectors, including government, IT, manufacturing, healthcare, and education.
