TransUnion Data Breach Exposes Data of 4.4 Million People

After targeting a third-party application used by TransUnion, hackers accessed some personal data, but it doesn't include credit reports or core credit information, TransUnion says.

By Jibin Joseph

Credit reporting agency TransUnion has disclosed a data breach impacting over 4.4 million customers, TechCrunch reports.

According to a filing with the Maine attorney general, hackers targeted a third-party application used by TransUnion for customer support. The breach occurred on July 28 and was discovered two days later. In total, 4,461,511 people were affected, including 16,828 Maine residents.

TransUnion is one of the biggest credit reporting agencies in the US. It holds the credit histories of over 260 million US adults. In a letter to impacted customers, TransUnion didn't specify the type of data leaked but said that a specific set of data, excluding credit reports or core credit information, was affected.

The agency is offering two years of free credit monitoring services to those impacted. This will enable them to receive alerts when changes are made to their credit file. It is also setting up a fraud assistance line to answer questions customers may have right now, or if they fall prey to financial fraud. For more information regarding the breach, call 1-800-516-4700. 

It's unclear if this breach is part of the widespread Salesforce data leak that's affecting several of its vendors. By now, over a dozen of them, including Google and Adidas, have made similar disclosures mentioning third-party customer service or CRM systems. At Google, the cyberattack was carried out by a group called "ShinyHunter," which accessed one of its corporate accounts with Salesforce.

This comes shortly after National Public Data, a website infamous for its role in leaking millions of Social Security numbers last year, returned with the ability to look up anyone's personal information. Here's how to opt out of that.