Data from a cyber attack on the listed company Marinemax on March 10th may have appeared on the dark web. Marinemax, the world's largest recreational and yacht services company, acquired Williams Tenders USA, a leading jet and luxury yacht dealer, shortly before the incident. Initially, according to the US Securities and Exchange Commission's (SEC) Form 8-K, it was stated that “no sensitive data” had been leaked from the company.
Advertisement
Now the ransomware group Rhysida seems to be putting a stop to the whole thing and claiming to be in possession of the data. An entry was discovered on their leak site, as reported by The Register, among others. The countdown still runs for four days and the price is 3 Bitcoin, equivalent to around 180,000 euros at the current rate (as of March 22, 2024).
Various VF Group online shops affected
As a result of a cyber attack on the listed US clothing company VF Corporation in mid-December 2023, Vans is now informing its German customers, as Inside Digital writes. Accordingly, personal data such as email addresses, names, telephone numbers, billing addresses, delivery addresses, but also order history and information about the payment method are affected. VF Corporation online shops are a popular target for cybercriminals. In 2022, almost 200,000 North Face customer accounts fell victim to credential stuffing attacks, in which the attackers attempt large-scale email addresses and passwords that come from existing data leaks.
Fujitsu also fell victim to a cyber attack. According to a statement from the company, malware was discovered on several business computers. This gave rise to the possibility that data containing personal information, including from customers, could be withdrawn. The company has since taken action and launched an investigation. The data protection authorities have also been informed. It is still unclear whether data was leaked. Apparently, according to IT security researcher Jelle Ursem, a CSV file with passwords in plain text and other data such as AWS keys was publicly accessible in a public Microsoft Azure storage server for almost a year, as the British medium TheStack reports.
Data center failure at Server4You
Server4You has been disrupted since March 21st, but this is not a cyber attack. According to information from the company, water leaked in one of the rooms where the batteries are housed in the center in Strasbourg. “As a result, the batteries located in this room were compromised,” said a statement on the company’s temporary replacement page. As a result, Server4You was forced to switch off the power supply to the customer servers or part of the network infrastructure; the customer servers were not affected by the water damage. As soon as the power can be switched on again, electronics engineers will check what to do next. This is no longer possible today “due to the complexity of the damaged UPS system”.
(mack)