Watermark Marine Systems

In July 2025, Watermark Marine Systems, a U.S.-based shoreline construction company headquartered in New Hampshire, fell victim to a targeted cyberattack by the Akira ransomware group. The attackers successfully exfiltrated over 10 GB of sensitive corporate data, including employee records, financial documents, confidentiality agreements, and non-disclosure agreements (NDAs). While no direct evidence (such as download links or screenshots) was publicly released at the time, the threat actors explicitly threatened to leak the stolen files, creating severe risks to the company’s operational continuity, legal compliance, and client trust.The breach exposed highly confidential internal and employee-related information, which could lead to financial fraud, reputational damage, and potential regulatory penalties. The involvement of a ransomware group further escalates the threat, as the company may face extortion demands, operational disruptions, or irreversible harm to its business relationships. The incident underscores the growing vulnerability of mid-sized enterprises in critical infrastructure sectors to sophisticated cyber extortion schemes, particularly those targeting proprietary and personnel data for maximum leverage.

Source: https://www.ransomware.live/id/V2F0ZXJtYXJrIE1hcmluZSBTeXN0ZW1zQGFraXJh

TPRM report: https://www.rankiteo.com/company/watermark-marine-construction

"id": "wat648092025",
"linkid": "watermark-marine-construction",
"type": "Ransomware",
"date": "5/2025",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"

{'affected_entities': [{'industry': 'shoreline construction',
                        'location': 'New Hampshire, U.S.',
                        'name': 'Watermark Marine Systems',
                        'type': 'private company'}],
 'data_breach': {'data_exfiltration': '10 GB of data exfiltrated',
                 'sensitivity_of_data': 'high',
                 'type_of_data_compromised': ['employee records',
                                              'financial documents',
                                              'confidentiality agreements',
                                              'NDAs']},
 'date_publicly_disclosed': '2025-07',
 'description': 'In July 2025, Watermark Marine Systems, a U.S.-based '
                'shoreline construction company operating in New Hampshire, '
                'was targeted by the Akira ransomware group. The attackers '
                'claimed to have exfiltrated over 10 GB of sensitive data, '
                'including employee records, financial documents, '
                'confidentiality agreements, and NDAs. Although no download '
                'links or screenshots were published, the threat actors '
                'indicated plans to release the stolen files, posing '
                'significant risks to the company’s operational integrity and '
                'client trust.',
 'impact': {'brand_reputation_impact': 'high risk to client trust',
            'data_compromised': ['employee records',
                                 'financial documents',
                                 'confidentiality agreements',
                                 'NDAs'],
            'operational_impact': 'high risk to operational integrity'},
 'motivation': 'financial (ransomware)',
 'ransomware': {'data_exfiltration': '10 GB of data exfiltrated',
                'ransomware_strain': 'Akira'},
 'threat_actor': 'Akira ransomware group',
 'title': 'Akira Ransomware Attack on Watermark Marine Systems',
 'type': 'ransomware'}