TransUnion Data Breach Exposes 4.4 Million Consumers

Credit bureau TransUnion has disclosed a major data breach affecting more than 4.4 million consumers, after hackers infiltrated its systems through a third-party application used in its U.S. consumer support operations.

In a statement to law enforcement, the company confirmed that attackers gained access to personal data but emphasized that no credit information was compromised. TransUnion has not yet specified the exact categories of personal information that were exposed.

As one of the largest credit reporting agencies in the United States, TransUnion manages sensitive financial records of over 260 million Americans, making it a prime target for cybercriminals.

This incident adds to a troubling history of security lapses for the company. In 2022, TransUnion was hit with a ransomware attack in South Africa, where hackers demanded $15 million for the return of 54 million stolen customer records.

The latest breach underscores the growing risks posed by third-party software dependencies and highlights the ongoing challenge of safeguarding vast troves of consumer financial data. With millions potentially exposed, regulators and consumers alike are expected to press for greater transparency and stronger security commitments from the credit bureau.