The Corsi Group

The Corsi Group suffered a security incident in which an unauthorized party gained access to an employee’s email account between **November 6, 2020, and November 19, 2020**. The breach exposed the personal information of **112 individuals**, including at least one Maine resident whose **name and Social Security number (SSN)** were compromised. While the exact method of access was not detailed, the incident suggests a **phishing or credential-theft attack** targeting the employee’s account. In response, the company offered **identity theft protection services via Kroll** to affected individuals to mitigate potential risks like fraud or misuse of the exposed SSN. The breach highlights vulnerabilities in email security and the risks associated with employee account compromises, particularly when sensitive personally identifiable information (PII) is involved. No evidence was provided regarding broader system infiltration or additional data exfiltration beyond the email account.

Source: https://www.maine.gov/agviewer/content/ag/985235c7-cb95-4be2-8792-a1252b4f8318/835ad2c5-dfdb-4666-abab-d0cd2c761b9d.shtml

TPRM report: https://www.rankiteo.com/company/corsi-group-the

"id": "cor757082025",
"linkid": "corsi-group-the",
"type": "Breach",
"date": "11/2020",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"

{'affected_entities': [{'customers_affected': '112 individuals (including 1 '
                                              'Maine resident)',
                        'name': 'The Corsi Group',
                        'type': 'Organization'}],
 'attack_vector': 'Compromised Email Account',
 'customer_advisories': 'Identity theft protection services offered to '
                        'affected individuals via Kroll',
 'data_breach': {'number_of_records_exposed': '112',
                 'personally_identifiable_information': ['Name',
                                                         'Social Security '
                                                         'Number'],
                 'sensitivity_of_data': 'High (includes SSN)',
                 'type_of_data_compromised': ['Personal Identifiable '
                                              'Information (PII)']},
 'date_publicly_disclosed': '2021-01-20',
 'description': 'The Maine Office of the Attorney General reported that The '
                "Corsi Group experienced unauthorized access to an employee's "
                'email account between November 6, 2020, and November 19, '
                '2020. The breach potentially affected 112 individuals, '
                'including the personal information of one Maine resident, '
                'which included their name and Social Security number. '
                'Identity theft protection services through Kroll were offered '
                'to the affected individuals.',
 'impact': {'data_compromised': ['Name', 'Social Security Number'],
            'identity_theft_risk': 'High (PII exposed)',
            'systems_affected': ['Employee Email Account']},
 'initial_access_broker': {'entry_point': 'Employee Email Account'},
 'references': [{'date_accessed': '2021-01-20',
                 'source': 'Maine Office of the Attorney General'}],
 'regulatory_compliance': {'regulatory_notifications': ['Maine Office of the '
                                                        'Attorney General']},
 'response': {'third_party_assistance': ['Kroll (Identity Theft Protection '
                                         'Services)']},
 'title': 'Unauthorized Access to Employee Email Account at The Corsi Group',
 'type': 'Data Breach (Unauthorized Email Access)'}