TransUnion's data stolen in major data breach

ID theft
Image credit: Pixabay (Image credit: Future)

A hacker has posted a stolen database on the dark web alleging it contains sensitive data stolen from credit agency TransUnion. However, the company says there is no evidence of any compromise or data exfiltration, and argues that whatever data was taken - must have been stolen from a third party.

Going by the alias “USDoD”, the hacker published a 3GB database on BreachForums, a popular underground site where criminals exchange tools and information. This database, it was claimed, carried personally identifiable information (PII) on more than 58,000 people, at least some of whom appear to be TransUnion customers. 

The data includes full names, internal TransUnion identifiers, passport information such as birth dates and places of birth, marital status, age, employer information, credit scores and loan information.

Third party compromised

Following the leak, and subsequent media coverage, TransUnion published a short statement claiming to be aware of “some limited online activity alleging that data obtained from multiple entities, including TransUnion, will be released”. This prompted the firm to run an investigation with third-party cybersecurity and forensic expects, which concluded that there is “no indication that TransUnion systems have been breached or that data has been exfiltrated from our environment.”

Furthermore, TransUnion says, the data, formatting, and fields, don’t match the content or formats it uses, “indicating that any such data came from a third party.”

While this might very well be a supply chain attack, Infosecurity Magazine also reminds that the date of the database compromise aligns with a ransomware incident at TransUnion’s South African business last year.

Back then, the hackers asked for $15 million in exchange for the decryption key, and not leaking sensitive data on the dark web. 

Separate reports claim USDoD works with a ransomware group known as Ransomed, and that they’re responsible for the data leak from 3,200 Airbus vendors earlier this month. 

Via Infosecurity Magazine

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
Someone holding a passport with two boarding passes inside it
Top digital loan firm security slip-up puts data of 36 million users at risk
Security
American National Insurance Company breach data found online
Representational image of data security
Travel data of almost 500,000 users exposed in Daytrip leak
A digital themed isometric showing a neon padlock in the foreground, and a technological diagram of a processor logic board in the background.
Major breach hits employee screening firm - 3.3 million affected as hackers steal DISA data
A graphic showing fleet tracking locations over a city.
Lost & Found tracking site hit by major data breach - over 800,000 could be affected
A digital themed isometric showing a neon padlock in the foreground, and a technological diagram of a processor logic board in the background.
A top online gift card store may have exposed private data on hundreds of thousands of users
Latest in Security
China
Chinese hackers targeting Juniper Networks routers, so patch now
Google Chrome dark mode
Google updates Chrome extension rules to ban affiliate link injection without user action or benefit
Abstract image of robots working in an office environment including creating blueprint of robot arm, making a phone call, and typing on a keyboard
This worrying botnet targets unsecure TP-Link routers - thousands of devices already hacked
Avast cybersecurity
UK cybersecurity sector could be worth £13bn, research shows
An option to add Ambient Music buttons to the iOS 18.4 Control Center.
Apple fixes dangerous zero-day used in attacks against iPhones and iPads
Trump
Hackers are abusing $TRUMP tokens to lure victims in to new phishing scam
Latest in News
Google Gemini Robotics
Gemini just got physical and you should prepare for a robot revolution
Lilo & Stitch Official Trailer
Stitch crashes into earth and steals our hearts with the first trailer for the live-action Lilo & Stitch
GTA 5
GTA Online publisher Take-Two is gunning for a black market that’s basically heaven for cheaters
Y2K cast looking shocked
Y2K has a streaming release date on Max, so you can witness the technology uprising at home
The Discovery+ homepage
Discovery+ just got a big update to its streaming app that makes it more like Max – here are 5 great new features to try
Two Android phones on a green and blue background showing Google Messages
Struggling with slow Google Messages photo transfers? Google says new update will make 'noticeable difference'