MarineMax

MarineMax

MarineMax, a leading recreational boat and yacht retailer, reported a data breach impacting 123,494 individuals after a cyber attack. During the incident involving the Rhysida ransomware gang, sensitive data, including personal information of customers and employees, was compromised. The attack, which occurred from March 1, 2024, to March 10, 2024, resulted in the exfiltration of 225 GB of data by the perpetrators. Exposed information included names, personal identifiers, driver’s licenses, and passports. The breach was significant enough to warrant an official notification to the Offices of Maine Attorney General and the affected parties.

Source: https://securityaffairs.com/165843/data-breach/marinemax-data-breach.html

TPRM report: https://scoringcyber.rankiteo.com/company/marinemax

"id": "mar000072424",
"linkid": "marinemax",
"type": "Breach",
"date": "7/2024",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': 123494,
                        'industry': 'Recreational Boat and Yacht Retail',
                        'name': 'MarineMax',
                        'type': 'Company'}],
 'attack_vector': 'Ransomware',
 'data_breach': {'data_exfiltration': '225 GB',
                 'number_of_records_exposed': 123494,
                 'personally_identifiable_information': ['names',
                                                         'personal identifiers',
                                                         'driver’s licenses',
                                                         'passports'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['personal information of '
                                              'customers and employees']},
 'date_detected': 'March 1, 2024',
 'description': 'MarineMax, a leading recreational boat and yacht retailer, '
                'reported a data breach impacting 123,494 individuals after a '
                'cyber attack. During the incident involving the Rhysida '
                'ransomware gang, sensitive data, including personal '
                'information of customers and employees, was compromised. The '
                'attack, which occurred from March 1, 2024, to March 10, 2024, '
                'resulted in the exfiltration of 225 GB of data by the '
                'perpetrators. Exposed information included names, personal '
                'identifiers, driver’s licenses, and passports. The breach was '
                'significant enough to warrant an official notification to the '
                'Offices of Maine Attorney General and the affected parties.',
 'impact': {'data_compromised': ['names',
                                 'personal identifiers',
                                 'driver’s licenses',
                                 'passports']},
 'ransomware': {'data_exfiltration': '225 GB', 'ransomware_strain': 'Rhysida'},
 'regulatory_compliance': {'regulatory_notifications': ['Offices of Maine '
                                                        'Attorney General']},
 'threat_actor': 'Rhysida ransomware gang',
 'title': 'MarineMax Data Breach',
 'type': 'Data Breach'}
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.