April 1, 2024 · Applied Cybernetics Group
MARINEMAX INC — 8-K Item 1.05
- Filer
- MARINEMAX INC (HZO)
- CIK
0001057060- Accession
0000950170-24-038881- Filed
2024-04-01- Records
- not stated
- Attacker
- unstated
- EDGAR
- https://www.sec.gov/Archives/edgar/data/1057060/000095017024038881/hzo-20240310.htm
Narrative (as filed)
As disclosed in the Original Report, on March 10, 2024, we determined that the Company experienced a “cybersecurity incident,” as defined in applicable SEC rules, whereby a third party gained unauthorized access to portions of our information environment (the “Incident”). Upon detection, we immediately initiated our previously determined incident response and business continuity protocols and took immediate measures to contain the Incident. As part of this process, the containment measures resulted in some disruption to a portion of the Company’s business. The Company’s operations have continued throughout this matter in all material respects, and, as of the date of this filing, the affected information environment is remediated. The Company continues to investigate the extent of the Incident with the assistance of external cybersecurity experts. The Company has determined that a cybercrime organization accessed a limited portion of our information environment associated with our retail business. As of the date of this filing, our ongoing investigation has identified that this organization exfiltrated limited data from this environment that includes some customer and employee information, including personally identifiable information. The Company intends to provide appropriate notifications to potentially affected parties and to regulatory agencies as required by federal and state law. The Company also has notified law enforcement authorities. The Company has incurred, and may continue to incur, certain expenses related to its response to this Incident. Further, the Company remains subject to risks and uncertainties as a result of the Incident. While the Company is continuing to evaluate the full scope and impact of the Incident, as of the date of this filing, the Incident has not had a material impact on the Company’s operations, and the Company is still in the process of determining whether the Incident is reasonably likely to materially impact the Company’s financial condition or results of operations. Cautionary Statement Regarding Forward Looking Statements Certain statements contained in this Report are forward-looking as defined in the Private Securities Litigation Reform Act of 1995. Such forward-looking statements include those regarding the threat actor’s access to our systems, the Company’s investigation of the incident, the Company’s efforts to contain the activity and the impact on the Company’s operations, financial conditions, and results. These statements involve certain risks and uncertainties that may cause actual results to differ materially from expectations as of the date of this Report. These risks include the numerous factors identified in the Company’s Form 10-K for the fiscal year ended September 30, 2023 and other filings with the Securities and Exchange Commission. The Company disclaims any intention or obligation to update or revise any forward-looking statements, whether as a result of new information, future events or otherwise. Exhibit Index Exhibit No. Description 104 Cover Page Interactive Data File (embedded within the Inline XBRL document)