TransUnion's data stolen in major data breach

ID theft
Image credit: Pixabay (Image credit: Future)

A hacker has posted a stolen database on the dark web alleging it contains sensitive data stolen from credit agency TransUnion. However, the company says there is no evidence of any compromise or data exfiltration, and argues that whatever data was taken - must have been stolen from a third party.

Going by the alias “USDoD”, the hacker published a 3GB database on BreachForums, a popular underground site where criminals exchange tools and information. This database, it was claimed, carried personally identifiable information (PII) on more than 58,000 people, at least some of whom appear to be TransUnion customers. 

The data includes full names, internal TransUnion identifiers, passport information such as birth dates and places of birth, marital status, age, employer information, credit scores and loan information.

Third party compromised

Following the leak, and subsequent media coverage, TransUnion published a short statement claiming to be aware of “some limited online activity alleging that data obtained from multiple entities, including TransUnion, will be released”. This prompted the firm to run an investigation with third-party cybersecurity and forensic expects, which concluded that there is “no indication that TransUnion systems have been breached or that data has been exfiltrated from our environment.”

Furthermore, TransUnion says, the data, formatting, and fields, don’t match the content or formats it uses, “indicating that any such data came from a third party.”

While this might very well be a supply chain attack, Infosecurity Magazine also reminds that the date of the database compromise aligns with a ransomware incident at TransUnion’s South African business last year.

Back then, the hackers asked for $15 million in exchange for the decryption key, and not leaking sensitive data on the dark web. 

Separate reports claim USDoD works with a ransomware group known as Ransomed, and that they’re responsible for the data leak from 3,200 Airbus vendors earlier this month. 

Via Infosecurity Magazine

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
Someone holding a passport with two boarding passes inside it
Top digital loan firm security slip-up puts data of 36 million users at risk
Security
American National Insurance Company breach data found online
Representational image of data security
Travel data of almost 500,000 users exposed in Daytrip leak
A digital themed isometric showing a neon padlock in the foreground, and a technological diagram of a processor logic board in the background.
Major breach hits employee screening firm - 3.3 million affected as hackers steal DISA data
A graphic showing fleet tracking locations over a city.
Lost & Found tracking site hit by major data breach - over 800,000 could be affected
Data leak
Hacked Tata Technologies data leaked by ransomware gang
Latest in Security
Data Breach
Thousands of healthcare records exposed online, including private patient information
China
Juniper patches security flaws which could have let hackers take over your router
Representational image depecting cybersecurity protection
GitLab has patched a host of worrying security issues
Ai tech, businessman show virtual graphic Global Internet connect Chatgpt Chat with AI, Artificial Intelligence.
AI agents can be hijacked to write and send phishing attacks
China
Volt Typhoon threat group had access to American utility networks for the best part of a year
Abstract image of cyber security in action.
MassJacker malware targets those looking for pirated software
Latest in News
Apple iPhone 16 Pro HANDS ON
Leaked iPhone 17 dummy units may have given us our best look yet at all four models
A super close up image of the Google Gemini app in the Play Store
It's official: Google Assistant will be retired for phones this year, with Gemini taking over
Quordle on a smartphone held in a hand
Quordle hints and answers for Sunday, March 16 (game #1147)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Sunday, March 16 (game #378)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Sunday, March 16 (game #644)
Three iPhone 16 handsets on show
Apple could launch an iPhone 17 Ultra this year – but we've heard these rumors before