
Mario Susi & Son Inc., a family-owned construction and excavating company based in Dorchester, Massachusetts, disclosed a data breach that occurred in June 2026, so far affecting 175 Massachusetts residents.
On or about June 13, 2026, Mario Susi & Son experienced a ransomware attack. The company did not provide additional details about how the attack was carried out or how the company became aware of the intrusion. It also did not name a specific threat actor responsible for the attack.
The types of personal information that may have been exposed included full names, Social Security numbers, Social Security cards, dates of birth, addresses, email addresses, driver's licenses, government-issued identification cards, financial account information, pay stubs, W-2 forms, proof of current address and other personal payroll-related information.
The company began sending notification letters to affected individuals on July 1, 2026.
Mario Susi & Son is offering 24 months of free credit monitoring with identity theft insurance through IDX. To enroll, affected individuals need to email hr@msusi.com with their full name and the email address they would like to use for their IDX account.
According to the notification, the first email from IDX will have the subject line "Your Identity Protection Coverage Is Ready to Activate." A second email will follow with the subject line "IDX Protection Status – Review your Monitoring Activation." To complete enrollment, recipients must follow the instructions in the first email to create a password and log in.
Additionally, the letter provided detailed instructions on how to place a security freeze, free of charge, with each of the three major credit reporting agencies.
Individuals with questions were directed to contact the company at hr@msusi.com.








.webp)
.webp)
.webp)

.webp)
.webp)
.webp)
.webp)