Marinemax, the world’s largest retailer of yachts and resting boats, is actively notifying over 123,000 clients about a breach of confidentiality that occurred in March this year. This breach resulted in the theft of personal information by the Rhysida extortion group.
The company, which oversees more than 130 locations globally, including 83 dealerships and 66 marinas and marine storage facilities, reported an income of $2.39 billion and a gross profit of $835.3 million last year.
According to the original report filed with the Securities and Exchange Commission on March 12, Marinemax initially claimed that confidential data were not stored in compromised systems. However, a subsequent report two weeks later revealed that the attackers had stolen personal data from an unspecified number of customers.
Recent letters sent to the Attorneys General of Maine and Vermont disclosed that the breach impacted 123,494 individuals. Marinemax confirmed that the breach was detected on March 10, ten days after unauthorized access was gained to the company’s networks.
Marinemax also informed the Attorneys General that the attackers obtained names and other identification data. However, it has not been disclosed if any other personal data was compromised and whether the breach affected both customers and employees.
Although Marinemax has not specifically linked the incident to any group and is referring to it as a “cybersecurity incident,” the Rhysida group claimed responsibility for the attack on March 20. On their Darknet website, Rhysida released a 225 GB archive of files allegedly stolen from Marinemax, including financial documents, driver’s licenses, and passports of customers and/or employees.
Rhysida is a relatively new ransomware group that operates using the RAAS model. The group emerged in May 2023 and gained notoriety after targeting organizations like Chilea and the British Library.
The United States Department of Health and Human Services has linked the Rhysida group to attacks on medical organizations, while the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal