TransUnion Data Breach (2025)

"Credit reporting giant TransUnion has disclosed a data breach affecting more than 4.4 million customers’ personal information. In a filing with Maine’s attorney general’s office on Thursday, TransUnion attributed the July 28 breach to unauthorized access of a third-party application storing customers’ personal data for its U.S. consumer support operations. TransUnion claimed “no credit information was accessed,” but provided no immediate evidence for its claim. The data breach notice did not specify what specific types of personal data were stolen." https://www.bleepingcomputer.com/news/security/transunion-suffers-data-breach-impacting-over-44-million-people/ "Update: Story updated with confirmation that this was another Salesforce data theft attack. Consumer credit reporting giant TransUnion warns it suffered a data breach exposing the personal information of over 4.4 million people in the United States, with BleepingComputer learning the data was stolen from it's Salesforce account. According to a filing submitted to the Office of the Maine AG, the breach occurred on July 28, 2025, and was discovered two days later. A sample of the notifications distributed to impacted clients earlier this week specifies that the incident involved a third-party application serving the company's consumer support operations. "We recently experienced a cyber incident involving a third-party application serving our U.S. consumer support operations," reads the data breach notice."