‘Cybercrime organization’ stole customer and employee data, boating giant says

Hackers were able to access data from the servers of one of the world’s largest boat sellers during an attack last month, the company confirmed.

MarineMax filed an updated report to regulators at the Securities and Exchange Commission on Monday warning that customer and employee information was stolen during the incident. The Rhysida ransomware gang took credit for the attack on March 21. 

The company initially told the SEC about a “cybersecurity incident” on March 10 but provided few details on who was behind the incident or what was accessed. In that filing, the company claimed it “does not maintain sensitive data in the information environment impacted by the incident.”

On Monday, the company revised that assessment, writing that an investigation into what was stolen revealed that a “cybercrime organization accessed a limited portion” of the IT systems associated with their retail business. 

“As of the date of this filing, our ongoing investigation has identified that this organization exfiltrated limited data from this environment that includes some customer and employee information, including personally identifiable information,” the filing said. 

“The Company intends to provide appropriate notifications to potentially affected parties and to regulatory agencies as required by federal and state law. The Company also has notified law enforcement authorities. The Company has incurred, and may continue to incur, certain expenses related to its response to this Incident. Further, the Company remains subject to risks and uncertainties as a result of the Incident.”

Despite the impact of the incident on the business and the potential ramifications of a data breach, MarineMax said the attack “has not had a material impact on the Company’s operations, and the Company is still in the process of determining whether the Incident is reasonably likely to materially impact the Company’s financial condition or results of operations.”

MarineMax reported its highest revenues ever in 2023 of $2.39 billion.

The Rhysida ransomware gang has continued to draw headlines even as rival ransomware operations falter due to law enforcement scrutiny. 

The group attacked a string of governments last year — Kuwait, Portugal, Dominican Republic — as well as the British Library, one of the largest hospital networks in the U.S. and a children’s hospital. A global philanthropic organization run by Christian churches said the group attempted to extort them on the day after Christmas.