More Than 4.4 Million Exposed in Credit Bureau TransUnion Breach

A recent data breach at credit bureau TransUnion has exposed the sensitive personal information of up to 4.4 million customers, raising concerns about the security and privacy of consumer data. The breach, which occurred on July 28, was identified and contained within hours by TransUnion's team of experts.

The Impact of the Breach

The breached data included names and Social Security numbers of affected individuals, along with other sensitive personal information. While TransUnion claims that no credit information was accessed, "limited personal information" was exposed in the breach. Two separate state filings have shed more light on the situation, revealing that a third-party application stored personal customer data and may have been compromised.

A Global Problem

The TransUnion breach is part of a larger trend of attacks targeting companies' Salesforce databases. Google recently reported that hackers were using a modified version of a Salesforce-related app to steal vast stores of data, infiltrate other cloud systems, and extort compromised companies. The same hacking group, ShinyHunters, has been linked to several global organizations, including Google, Farmers Insurance, Allianz Life, Workday, Pandora, Cisco, Chanel, and Qantas.

A Response from Salesforce

Salesforce has responded to the breach by stating that social engineering was to blame for the attacks, not a known vulnerability in their platform. The company urges customers to take steps to mitigate the risk, including enabling multi-factor authentication and closely managing connected applications.

What to Do if You've Been Affected

If you have received a notice from TransUnion or suspect that your private data has been leaked, there are steps you can take to protect yourself. Consumer rights law firm Wolf Haldenstein has issued an alert urging those affected to reach out and investigate any unusual activity on their credit report.

Protecting Yourself

Even if you haven't received a notice from TransUnion, it's essential to be proactive about protecting your personal data. You can freeze your credit for free, enable two-factor authentication or add a security key to your accounts. If you're unsure whether your private data has been leaked or you haven't received any communication from TransUnion, you can contact their Fraud Victim Assistance Department at 800-680-7289.

Stay Informed

As the situation continues to unfold, it's essential to stay informed about the breach and how it affects you. CNET will provide regular updates on this developing story, ensuring that our readers are always in the know about the latest developments in the world of technology and cybersecurity.