Ransomware gang wants 15 bitcoins from ‘world’s largest’ yacht dealer
An up-and-coming ransomware group linked to attacks on government institutions in Portugal and Kuwait, US hospitals, and the British Library is demanding 15 bitcoins for client data stolen from a prominent US yacht dealer.
The Rhysida group posted a sample of the data supposedly stolen from MarineMax on its leak website. This data reportedly shows bank transfers, earnings reports, balance sheets, customer databases, and other financial documents.
This listing contradicts MarineMax’s position on March 12, when it told the Securities and Exchange Commission (SEC) in a K-8 filing, “The Company [MarineMax] does not maintain sensitive data in the information environment impacted by the incident.”
A screenshot of the Rhysida listing taken by Cybernews.
Read more: Crypto game exploited for $4.6M, hacker claims to be white-hat
According to Rhysida, its listing contains ‘exclusive, unique, and impressive data’ that will presumably be sold to the highest bidder after the seven-day countdown unless MarineMax pays a ransom fee.
It reads, “Open your wallets and be ready to buy exclusive data. We sell only to one hand, no reselling, you will be the only owner!”
MarineMax deals in the sale of yachts and superyachts with some priced at just under $17 million. The firm reportedly listed revenue over $2.3 billion last year and claims to be the “world’s largest lifestyle retailer of recreational boats and yachts.”
Two yachts for sale on MarineMax.
Read more: New photos of 3AC yacht in Malta show no sign of Davies and Zhu
The company told the SEC that ‘containment measures’ in response to the cybersecurity incident “resulted in some disruption to a portion of the Company’s business” while noting it’s operated throughout the ordeal.
It said that the incident has “not had a material impact on the Company’s operations,” and that it’s deciding if the incident will likely impact the “Company’s financial conditions or results of operations.”
Rhysida is a hacking collective that conducts cyberattacks, steals data, and attempts to hold it for ransom. The group has claimed responsibility for hacking the medical records of the UK royal family and also for infiltrating the British Library. In both cases, the group demanded a ransom of thousands of dollars worth of bitcoin.