What is a correlation attack?
Let's say you are a Tor user and you visit a drug market often using your Tor connection.
Let's suppose that LE have compromised this drug market. So they can see all the times you accessed this drug market and they also assumed you are in England because you only supply drugs to England.
Next, LE would subpoena popular ISPs in England to obtain information about which users were using Tor during the time windows when you accessed the website. The more access times LE have for you on this website, the better this method of identifying you will be.Note this evidence alone wouldn't be enough to convict you, but it would give LE reason to put your entire life under a microscope
You might then ask, won't using bridges prevent this type of attack? No, it won't ISPs have ways of identifying when Tor bridges are in use. I don't know how they do this, maybe someone more technical could explain it. But I have heard of people getting blocked from using the Tor network even when they use bridges.
The only way around this problem seems to be by using a VPN before accessing Tor. It doesn't have to be owned by someone else, you can setup your own. But you need some way of hiding your Tor usage to prevent becoming a victim of this correlation attack.
Note, this type of attack wouldn't be deployed for any Tom, Dick or Harry. You'd have to be a major player that LE really wants.
Final point before I end this thread, Tor users seem to overestimate how many people access use the Tor network. According to the Tor Project website, USA has a mean number 600k daily users, UK has a mean number of 70k daily users. There are 50 states, so if we assume the Tor use by state is distributed equally, then that's just 12k visitors per state daily. Furthermore, if you use Tor at unusual times, when everyone in your country is sleeping, this also increases the risk of falling victim to this type of attack.