The article cites these two sources[1][2] which say
> Unauthorized individuals using account credentials believed to have been obtained from third-party source(s) were used to access individual customer accounts
[1] https://apps.web.maine.gov/online/aeviewer/ME/40/e9cc298b-37...
[2] https://oag.ca.gov/system/files/Template%20Notification%203-...
The article cites these two sources[1][2] which say
> Unauthorized individuals using account credentials believed to have been obtained from third-party source(s) were used to access individual customer accounts
[1] https://apps.web.maine.gov/online/aeviewer/ME/40/e9cc298b-37...
[2] https://oag.ca.gov/system/files/Template%20Notification%203-...