TransUnion data breach may have affected 4.4 million users - here's what we know, and how to stay safe
ShinyHunters strike again

- TransUnion reported a data breach with 4.4 million Americans affected
- The threat actors claim the attack is much larger
- Users should be wary of incoming emails
TransUnion, a major American credit reporting company, suffered a data breach in which it lost personally identifiable information (PII) on more than 4.4 million American citizens.
In a new report, filed with the Maine Attorney General’s Office, the company said it was struck on July 28, 2025, and that it spotted the intrusion two days later.
The data lost in the incident is “limited”, TransUnion said, without detailing the type. It did stress that credit reports and core credit information were not exposed in this attack. It still decided to give affected individuals 24 months of free credit monitoring and identity theft protection.
ShinyHunters
At the same time, BleepingComputer discovered that the attack was the work of ShinyHunters, who broke into the company’s Salesforce account to steal the information.
“A wave of Salesforce data theft attacks has impacted numerous companies this year, including Google, Farmers Insurance, Allianz Life, Workday, Pandora, Cisco, Chanel, and Qantas,” the publication said. ShinyHunters confirmed with the publication that they stole more than 13 million records, with the 4.4 million mentioned above relating only to US citizens.
The group shared a sample, as well, showing people’s names, billing addresses, phone numbers, email addresses, dates of birth, and unredacted Social Security numbers (SSN). This type of information can hardly be described as “limited”, as it is more than enough to use in identity theft, phishing, and other forms of cybercrime. Crooks can open bank accounts in people’s names, take out loans, and even apply for tax cuts and returns.
The data also includes the reason for the customer transaction, such as a request for a free credit report. Attackers can use this detail to target victims with convincing phishing attacks that deploy malware or steal even more information.
ShinyHunters also told BleepingComputer they stole customer support tickets and various messages stored in Salesforce.
TransUnion is one of the three major consumer credit reporting agencies in the US (alongside Experian and Equifax). It collects and maintains credit information on individuals and businesses, then provides credit reports, scores, and identity protection services to lenders, businesses, and consumers.
How to stay safe
To mitigate potential risks, users should place a credit freeze (or fraud alert) with all three credit bureaus, preventing new credit accounts from being opened in their name without approval.
They should also monitor their credit reports, and use TransUnion's offer of free identity theft monitoring.
Finally, they should watch their financial accounts closely, and be extra cautious with incoming emails and other communication. Since attackers now know their contact info, they might send convincing fake emails, texts, or calls pretending to be banks, government agencies, or even TransUnion itself.
Via BleepingComputer
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.