TransUnion Data Breach Exposes Personal Information of 4.4 Million Consumers
WEST PALM BEACH, FL – TransUnion, one of the nation’s three major credit reporting agencies, has confirmed a data breach that exposed sensitive personal information of more than 4.4 million U.S. consumers.
The incident was discovered on July 30, 2025, just two days after hackers gained access to a third-party application used by TransUnion’s U.S. consumer support operations. While the company stressed that its core credit databases and credit reports were not compromised, the breach did involve critical identifiers including names, dates of birth, and Social Security numbers. In some cases, contact information such as phone numbers, addresses, email accounts, and support ticket details were also taken.
Security researchers have tied the intrusion to the hacker collective known as ShinyHunters, the same group believed to be behind recent campaigns targeting Salesforce integrations at multiple Fortune 500 companies. The attack exploited vulnerabilities in third-party applications rather than TransUnion’s internal systems, highlighting once again the risks posed by interconnected platforms and vendor technologies.
According to filings with state attorneys general, 4,461,511 individuals were impacted. Initial reports claiming 44 million victims appear to have overstated the number. The confirmed figure remains at just over 4.4 million, making this a large-scale but not unprecedented breach in the financial services sector.
TransUnion has begun notifying affected consumers by mail and is offering 24 months of free credit monitoring and identity theft protection. The company advises individuals to take precautions such as:
The breach underscores the continuing challenges of safeguarding personal data, even for organizations tasked with protecting the nation’s financial identities. With Social Security numbers compromised, the risk of long-term identity theft remains a serious concern.
For consumers, the incident serves as a reminder that no institution is immune to cyberattacks, and proactive steps like credit freezes and ongoing monitoring are increasingly essential.
Q: How many people were affected by the TransUnion breach?
A: Approximately 4.4 million U.S. consumers had personal information exposed, according to filings with state attorneys general.
Q: What type of information was stolen?
A: The breach exposed names, dates of birth, and Social Security numbers. In some cases, contact information like addresses, phone numbers, email accounts, and support ticket details were also compromised.
Q: Were credit reports or credit scores leaked?
A: No. TransUnion confirmed that its core credit databases and consumer credit reports were not accessed.
Q: Who was behind the attack?
A: The hacker group ShinyHunters has claimed responsibility. They are known for targeting large companies through weaknesses in third-party software, often linked to Salesforce applications.
Q: How did the hackers gain access?
A: The breach occurred through a third-party application used by TransUnion’s consumer support division. This highlights the risk of vendor-related vulnerabilities.
Q: What is TransUnion doing to help consumers?
A: TransUnion is offering 24 months of free credit monitoring and identity theft protection services to all impacted individuals.
Q: How can I find out if I was affected?
A: Consumers will be notified by letter if their information was compromised. If you believe you may be impacted, you can also contact TransUnion directly or monitor for official updates on their website.
Q: What steps should I take right now?
A: Consider freezing your credit with all three major bureaus, reviewing your credit reports, monitoring bank and credit card accounts, and staying alert for suspicious emails or calls.
Q: What is a credit freeze?
A: A credit freeze prevents new creditors from accessing your credit file, making it harder for identity thieves to open accounts in your name. It does not affect your existing accounts or your credit score.
Q: How long will the risks last?
A: Because Social Security numbers were exposed, the risk of identity theft may last indefinitely. That makes long-term vigilance critical.
The post TransUnion Data Breach Exposes Personal Information of 4.4 Million Consumers first appeared on Strategic Revenue – Domain and Internet News.
Publisher Sega and developer Creative Assembly have revealed what appears to be a teaser trailer…
US President Donald Trump used a lone gunman’s storming of the lobby outside the White House Correspondents’ Dinner on…
AMHERST — Performances by local and student bands, an art walk at campus galleries and…
GREENFIELD — Aided by grant funding, the nonprofit law organization providing free services to low-income…
Children’s Advocacy Center luminaria event NORTHAMPTON — The Children’s Advocacy Center (CAC) of Hampshire County…
CHESTERFIELD — For the fourth time in 16 months, Chesterfield has a new Council on…
This website uses cookies.
