Community Capital Management Data Breach Exposes SSNs

On or around April 27, 2025, a threat actor known as "Randy72" publicly claimed responsibility for a data breach involving Community Capital Management, LLC (CCM), an investment advisory firm. The breach was first disclosed on the dark web, where the attacker alleged to have leaked a significant volume of sensitive company and client information. According to the disclosure filed with the Massachusetts Attorney General’s office, at least six individuals in Massachusetts were directly affected by the breach.

The compromised data reportedly includes a wide range of sensitive materials such as financial reports, strategic outlooks, budgeting and planning documents, profit and loss statements, confidential contracts, and client personal data. Most notably, the exposed personally identifiable information (PII) includes Social Security numbers.

The breach’s severity is underscored by the nature of the data exposed—Social Security numbers and confidential financial documents can be highly valuable to cybercriminals and can lead to identity theft or financial fraud.

The breach was posted on an open web network, making the information potentially accessible to a broad audience. As of the date of this article, there is no evidence that the stolen data has been used for fraud, but the risk remains significant given the sensitivity of the information.

You can review the official breach notification as filed with the Massachusetts Attorney General’s office.

Community Capital Management's response

Following the breach, CCM has taken several steps to address the incident and support those affected. The company promptly notified law enforcement and relevant state regulators. Affected individuals have been offered twenty-four (24) months of complimentary identity monitoring and restoration services through Experian IdentityWorks. This service includes daily credit monitoring, identity restoration support, and up to $1 million in identity theft insurance. Enrollment instructions and a dedicated assistance line (1-833-745-1485) have been provided to those impacted.

If you believe your information may have been involved, it is advisable to:

• Enroll in the complimentary Experian IdentityWorks service by July 31, 2025.
• Monitor your credit reports for any unusual activity.
• Consider placing a fraud alert or credit freeze with the major credit bureaus (Equifax, Experian, and TransUnion).
• Remain vigilant for unsolicited communications that may attempt to use your personal information.

Additionally, you have the right to obtain a free copy of your credit report every year from each of the three major credit bureaus. For more information about protecting your identity, visit the Federal Trade Commission’s identity theft resource.

For more details about their mission and regulatory disclosures, visit CCM’s official website.