Sansone Group Data Breach Exposes 2.4TB of Sensitive Info

Published

August 23, 2025

Updated

August 23, 2025

Sansone Group

Types of INFORMATION affected

Names
Social Security Numbers
Dates of Birth
Addresses
Government IDs
Medical Info
Financial Info

On June 24, 2025, Sansone Group, LLC, a national commercial real estate firm headquartered in St. Louis, discovered that a data security incident had exposed sensitive personal information. An investigation determined that the breach occurred over a two-day period between March 22 and March 24, 2025.

The breach was the result of a ransomware attack claimed by the group known as HUNTERS INTERNATIONAL. This threat actor announced on the dark web that they had obtained approximately 2.4 terabytes of Sansone Group’s data and threatened to publish it within a week if their demands were not met.

The stolen information included personally identifiable information (PII), including full names and Social Security numbers. Ransomware attacks such as this often involve unauthorized access, encryption and exfiltration of large amounts of sensitive data, putting affected individuals at risk of identity theft and fraud.

Sansone Group began notifying impacted individuals on July 21, 2025. The company disclosed the data breach to the Massachusetts Attorney General's office on Aug. 21, 2025. The total number of impacted individuals has not been released but could be in the thousands.

Sansone Group's response

In addition to required state and federal disclosures, Sansone Group is offering impacted individuals 24 months of free single-bureau credit monitoring services through TransUnion Cyberscout.

If you received a data breach letter from Sansone Group, you may want to:

Sign up for the free TransUnion Cyberscout credit monitoring services, provided by the company.
Monitor your credit reports and financial accounts for any unusual activity.
Be alert for phishing emails or phone calls that may use your exposed information.
Consider placing a fraud alert or credit freeze with major credit bureaus.

Sansone Group also set up a confidential dedicated response line for impacted individuals with questions.

More information about the company can be found on the Sansone Group website.

Protect Your Data

A breach notice means your personal details could be circulating far beyond the organization involved. One practical step is continuous monitoring: services such as Identity Defender (included with an ExpressVPN subscription) can automatically check dark-web markets, flag new credit-file activity, and request removal of your information from data-broker sites.

This kind of “early-warning system” can’t undo a breach, but it can help you spot misuse quickly and limit further exposure. ExpressVPN is offering 61% off, risk-free for 30 days, with ID Theft Insurance included and no extra cost for those who sign up for one or two years.