TransUnion, one of the top three credit reporting agencies in the United States, has been involved in a data breach that exposed the personal information of more than 4.4 million people.
According to reporting from Cybernews, the breach did not directly target TransUnion itself but occurred through a third-party vendor on July 28th. TransUnion realized there had been a breach two days after the incident.
Over 4.4 million customers may have had their personal details exposed. According to the company, exposed details were limited to ‘specific data elements’ which would vary from person to person and TransUnion itself may not even know what those details may be. Though TransUnion is working with both law enforcement in an investigation and with third-party cybersecurity experts in an independent forensics review.
In a letter submitted to the Maine Attorney General’s Office, TransUnion stated that the hackers did not access customers' credit information. TransUnion is in the process of notifying the affected customers with a data breach notification; this letter states that “a cyber incident involving unauthorized access to some of your personal data was stored on a third-party application. Importantly, no credit information was accessed.”
However, TransUnion has also said that affected parties will be provided with credit monitoring services, which means that the exposed details may involve more than just customer names but may also include additional details that could put customers at risk of identity theft or, at the very least, phishing attempts.
A cyber incident involving unauthorized access to some of your personal data was stored on a third-party application. Importantly, no credit information was accessed.
TransUnion letter to customers
Anyone who has registered with TransUnion should be on high alert for phishing attempts – be on the lookout for any emails that are urgent and want you to “act now” or act to create a hasty response to fix an issue, want you to provide details, or need you to correct an account issue.
Likewise, never click on anything in an email or text message if you are not expecting it, even if it appears to be legitimate. Go directly to the source and log in to check your accounts independently. Make sure you've protected yourself from online scams and hacks by using one of the best antivirus programs on your devices, and when you're online, use protections like a VPN and a hardened browser. If you've been affected by this or any other breach, you can also sign up for identity theft protection to keep an eye on any potentially suspicious behavior before it occurs.
Follow Tom's Guide on Google News to get our up-to-date news, how-tos, and reviews in your feeds. Make sure to click the Follow button.
More from Tom's Guide
- 2.5 Billion Gmail Accounts Could Be Compromised — Google Just Issued A Password Reset Warning
- Over Half a Million Hit in Major Healthcare Data Breach With SSNs, Financial Info and More Exposed — What to Do Now
- Google wants to fight Android malware by making sideloading more difficult — here's how
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.
