National Boat Owners Association

On July 22, 2025, the Incransom ransomware group executed a cyberattack on the National Boat Owners Association (NBOA), a U.S.-based organization catering to recreational boaters and marine insurers. The breach, detected on July 21, involved unauthorized access to sensitive internal files, including accounting records, tax documents, insurance policies, and personal folders belonging to employees and members. While NBOA has not publicly confirmed the incident, the exposure of such data poses severe privacy risks for its hundreds of thousands of members, potentially enabling identity theft, financial fraud, or targeted phishing campaigns. The attack’s focus on internal financial and personal records suggests a deliberate effort to exploit high-value information, either for extortion or secondary malicious activities. Given the nature of the compromised data—particularly tax and insurance documents—the incident could lead to regulatory scrutiny, reputational damage, and long-term erosion of trust among members who rely on NBOA for secure marine-related services.

Source: https://www.ransomware.live/id/bmJvYXQuY29tQGluY3JhbnNvbQ==

TPRM report: https://www.rankiteo.com/company/nboa-marine-insurance

"id": "nbo619092125",
"linkid": "nboa-marine-insurance",
"type": "Ransomware",
"date": "7/2025",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"

{'affected_entities': [{'customers_affected': 'Hundreds of thousands',
                        'industry': 'Marine / Recreational Boating',
                        'location': 'United States',
                        'name': 'National Boat Owners Association (NBOA)',
                        'size': 'Hundreds of thousands of members',
                        'type': 'Non-profit Organization'}],
 'data_breach': {'data_exfiltration': 'Yes (files listed publicly)',
                 'personally_identifiable_information': 'Likely (based on '
                                                        'exposed file types)',
                 'sensitivity_of_data': 'High (includes personal and financial '
                                        'information)',
                 'type_of_data_compromised': ['accounting records',
                                              'tax documents',
                                              'insurance policies',
                                              'personal folders']},
 'date_detected': '2025-07-21',
 'date_publicly_disclosed': '2025-07-22',
 'description': 'The Incransom group claimed responsibility for a cyberattack '
                'on the National Boat Owners Association (NBOA), a U.S.-based '
                'organization serving recreational boaters and marine '
                'insurers. The breach involved unauthorized access and listing '
                'of internal files such as accounting records, tax documents, '
                'insurance policies, and personal folders. The incident raises '
                'serious privacy concerns for its community of hundreds of '
                'thousands of members.',
 'impact': {'brand_reputation_impact': 'Serious privacy concerns for the '
                                       'community',
            'data_compromised': ['accounting records',
                                 'tax documents',
                                 'insurance policies',
                                 'personal folders']},
 'investigation_status': 'Unconfirmed by NBOA; claimed by Incransom group',
 'threat_actor': 'Incransom group',
 'title': 'Cyberattack on National Boat Owners Association (NBOA) by Incransom '
          'Group',
 'type': 'Data Breach / Unauthorized Access'}