The Maine Office of the Attorney General disclosed a ransomware attack targeting Certified Title Corporation, which occurred on July 16, 2021, but was reported on March 23, 2022. The breach compromised the personal information of approximately 10,624 individuals, including highly sensitive data such as names, addresses, Social Security numbers, and financial account numbers. The exposure of such details poses a severe risk of identity theft and financial fraud. In response, the company offered 12 months of credit monitoring and identity theft protection services via Cyberscout to mitigate potential harm. The incident underscores the critical vulnerabilities in data security, particularly in sectors handling financial and personally identifiable information (PII), where ransomware attacks can lead to large-scale data exfiltration and long-term reputational and financial damage for both the organization and affected individuals.
TPRM report: https://www.rankiteo.com/company/certified-title-corporation
"id": "cer331082625",
"linkid": "certified-title-corporation",
"type": "Ransomware",
"date": "7/2021",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"{'affected_entities': [{'customers_affected': '10,624',
'industry': 'Title Insurance / Real Estate',
'name': 'Certified Title Corporation',
'type': 'Corporation'}],
'customer_advisories': 'Identity theft protection services (12 months of '
'credit monitoring via Cyberscout) offered to affected '
'individuals',
'data_breach': {'number_of_records_exposed': '10,624',
'personally_identifiable_information': ['names',
'addresses',
'Social Security '
'numbers'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personal Information',
'Financial Information']},
'date_detected': '2021-07-16',
'date_publicly_disclosed': '2022-03-23',
'description': 'The Maine Office of the Attorney General reported a data '
'breach involving Certified Title Corporation on March 23, '
'2022. The breach occurred on July 16, 2021, due to a '
'ransomware attack, affecting approximately 10,624 '
'individuals, with the potential exposure of personal '
'information including names, addresses, Social Security '
'numbers, and financial account numbers. Identity theft '
'protection services, including 12 months of credit monitoring '
'through Cyberscout, were offered to the affected individuals.',
'impact': {'data_compromised': ['names',
'addresses',
'Social Security numbers',
'financial account numbers'],
'identity_theft_risk': 'High (PII exposed)',
'payment_information_risk': 'High (financial account numbers '
'exposed)'},
'references': [{'source': 'Maine Office of the Attorney General'}],
'regulatory_compliance': {'regulatory_notifications': ['Maine Office of the '
'Attorney General']},
'response': {'communication_strategy': 'Offered identity theft protection '
'services (12 months of credit '
'monitoring) to affected individuals',
'third_party_assistance': ['Cyberscout (credit monitoring)']},
'title': 'Data Breach at Certified Title Corporation Due to Ransomware Attack',
'type': 'Data Breach, Ransomware Attack'}