Credit reporting giant TransUnion has disclosed a data breach affecting more than 4.4 million customers’ personal information.
In a filing with Maine’s attorney general’s office on Thursday, TransUnion attributed the July 28 breach to unauthorized access of a third-party application storing customers’ personal data for its U.S. consumer support operations.
TransUnion claimed “no credit information was accessed,” but provided no immediate evidence for its claim. The data breach notice did not specify what specific types of personal data were stolen.
In a separate data breach disclosure filed later on Thursday with Texas’ attorney general’s office, TransUnion confirmed that the stolen personal information includes customers’ names, dates of birth, and Social Security numbers.
When reached by TechCrunch, TransUnion spokesperson Jon Boughtin would not answer questions related to the company’s data breach, or say what types of customers’ personally identifiable information were taken.
TransUnion is one of the largest credit reporting agencies in the United States, and stores the financial data of more than 260 million Americans. It’s the latest U.S. corporate giant to have been hacked in recent weeks following a wave of hacks targeting the insurance, retail, and transportation and airline industries.
Several companies, including Google, insurance giant Allianz Life, Cisco, and HR giant Workday, reported data breaches of customer data stored in their Salesforce-hosted cloud databases. Following its breach, Google attributed the hacks to an extortion group known as ShinyHunters.
It’s not clear who is behind the breach at TransUnion, or if the hackers made any demands to the company.
Updated with a response from TransUnion, and updated with additional details from the Texas state filing.
Source link
