US luxury yacht dealer MarineMax was reportedly attacked by the Rhysida ransomware group earlier this month.
The company, which experienced record revenue this year, filed a report on March 10 with the U.S. Securities and Exchange Commission, announcing that it had experienced a “cybersecurity incident.”
The Florida firm said that it took “immediate measures to contain the incident,” but portions of the business experienced some disruption. In the Form 8-K filing, there was no mention of ransomware, and its operations “continued throughout this matter in all material respects.”
It added: “The Company does not maintain sensitive data in the information environment impacted by the incident.”
However, RansomLook.io reports that Rhysida uploaded a sample of the data they allege to have taken from MarineMax onto their website. The collections of documents do not reveal their specific nature. It appears that most of the disclosed documents primarily feature financial accounts.
Cybersecurity analyst Dominic Alvieri reportedly posted an image on X, showing that Rhysida was holding a seven-day auction for the documents. The caption stated, “Open your wallets and be ready to buy exclusive data.”
Rhysida Ransomware claims Marine Max. https://t.co/h0PcmhvM8i pic.twitter.com/XWctFlas00
— Dominic Alvieri (@AlvieriD) March 20, 2024
Rhysida might still release the data publicly if the bids don’t meet its expectations, given that the current price is set at 15 Bitcoin, which is equivalent to $1.007 million.
“With just seven days on the clock, seize the opportunity to bid on exclusive, unique, and impressive data,” its website reads.
“We sell only to one hand, no reselling, you will be the only owner!”
MarineMax boasts a global presence with more than 125 sites, encompassing 78 dealerships and 57 marinas. Employing close to 4,000 individuals, MarineMax reported revenues exceeding $500 million in the first fiscal quarter of 2024.
Other Rhysida ransomware targets
It’s not the first time the group has attacked a high-profile target. In December 2023, it made good on a promise to leak gaming and personal data related to Insomniac Games.
The Spider-Man developer refused the ransom demand of 50 Bitcoin (BTC), which is equivalent to around $2 million.
This resulted in the sharing of sensitive information online about the company’s gaming projects including screenshots from Wolverine, but more importantly personal details of Insomniac staff. It was alleged that the ransomware group released 1.67 terabytes of data, made up of more than 1.3 million files.
Featured image: Canva / DALL-E