The Maine Office of the Attorney General disclosed a data breach affecting Enstar (US) Inc. in November 2023, stemming from an exploit by the CL0P criminal group. The breach occurred between May 29–31, 2023, leveraging a zero-day vulnerability in the MOVEit Transfer tool, a widely used file-transfer software. The incident compromised sensitive data of 44,114 individuals, including 51 Maine residents, with Social Security Numbers (SSNs) among the exposed information. The attack highlights the risks of third-party software vulnerabilities, where threat actors exploit unpatched flaws to exfiltrate high-value personal data. SSNs are critical identifiers for identity theft, financial fraud, and long-term reputational harm to affected individuals. While the breach did not involve ransomware or direct financial demands, the scale and sensitivity of the leaked data particularly SSNs pose severe risks of downstream fraud, regulatory scrutiny (e.g., under U.S. state breach laws), and erosion of customer trust. Enstar’s response likely involved forensic investigations, notification protocols, and mitigations like credit monitoring for victims. The incident underscores the broader trend of supply-chain attacks, where vulnerabilities in widely deployed tools (e.g., MOVEit) create cascading risks across organizations relying on them.
TPRM report: https://www.rankiteo.com/company/enstar-group-ltd
"id": "ens203082125",
"linkid": "enstar-group-ltd",
"type": "Breach",
"date": "5/2023",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 44114,
'industry': 'Insurance/Financial Services',
'location': 'USA',
'name': 'Enstar (US) Inc.',
'type': 'Corporation'}],
'attack_vector': 'Exploitation of Zero-Day Vulnerability (MOVEit Transfer)',
'data_breach': {'data_exfiltration': True,
'number_of_records_exposed': 44114,
'personally_identifiable_information': ['Social Security '
'Numbers'],
'sensitivity_of_data': 'High (includes SSNs)',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)']},
'date_detected': '2023-05-29',
'date_publicly_disclosed': '2023-11-20',
'description': 'The Maine Office of the Attorney General reported a data '
'breach involving Enstar (US) Inc. on November 20, 2023. The '
'breach occurred between May 29, 2023, and May 31, 2023, when '
"the criminal group known as 'CL0P' exploited a zero-day "
'vulnerability in the MOVEit Transfer tool, affecting 44,114 '
'individuals, of which 51 were residents of Maine. Data '
'compromised included Social Security Numbers.',
'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
'exposure of sensitive PII',
'data_compromised': ['Social Security Numbers'],
'identity_theft_risk': 'High (SSNs compromised)',
'systems_affected': ['MOVEit Transfer tool']},
'initial_access_broker': {'entry_point': 'MOVEit Transfer zero-day '
'vulnerability',
'high_value_targets': ['PII databases (SSNs)']},
'investigation_status': 'Disclosed; ongoing or completed status unclear',
'motivation': 'Financial Gain (likely ransom or data monetization)',
'post_incident_analysis': {'root_causes': ['Exploitation of unpatched '
'zero-day vulnerability in MOVEit '
'Transfer']},
'ransomware': {'data_exfiltration': True},
'references': [{'date_accessed': '2023-11-20',
'source': 'Maine Office of the Attorney General'}],
'regulatory_compliance': {'regulatory_notifications': ['Maine Office of the '
'Attorney General']},
'response': {'communication_strategy': 'Public disclosure via Maine Attorney '
"General's office"},
'threat_actor': 'CL0P',
'title': 'Data Breach at Enstar (US) Inc. via MOVEit Transfer Exploit by CL0P',
'type': 'Data Breach',
'vulnerability_exploited': 'CVE-unknown (MOVEit Transfer zero-day)'}