Credit scoring and monitoring firm TransUnion has confirmed a data breach which exposed data belonging to nearly 4.5 million people.
TransUnion is one of the big three credit reporting agencies in the US, along with Experian and Equifax, collecting and updating credit information on consumers and businesses.
In a filing with the Office of the Maine Attorney General, the company revealed it experienced a breach on 28th July, which it discovered two days later. It said the data of 4,461,511 people had been affected.
“We recently experienced a cyber incident involving a third-party application serving our US consumer support operations. The unauthorized access includes some limited personal information belonging to you,” TransUnion said in a template letter now being sent to customers.
“We regret any concern caused by this incident and take seriously the responsibility to help secure consumer information.”
What data was exposed in the TransUnion breach?
According to TransUnion, no credit information was accessed during the cyber incident. The company has promised customers two years’ free credit monitoring services and proactive fraud assistance from its Cyberscout subsidiary.
The incident is widely believed to be just the latest Salesforce breach, following attacks on more than 700 companies, including Google, Adidas, Farmers Insurance, Allianz Life, Workday, Cisco, Chanel and several airlines.
These attacks have been claimed by ransomware group ShinyHunters, as well as, more recently, a group known as UNC6395.
“This incident poses a significantly higher risk to victims than many of the other Salesforce related breaches disclosed so far because it involves Social Security numbers in addition to contact and support data,” said Cory Michal, chief security officer at AppOmni.
“While most of the previous attacks have exposed sensitive but less critical information, the compromise of SSNs creates far greater potential for identity theft, financial fraud, and long-term misuse of personal data,” he added.
“That elevates the impact of the TransUnion breach well above other recent disclosures, even if the number of affected individuals is smaller.”
Fresh Salesforce warnings issued
Earlier this week, Google’s Threat Intelligence Group warned of ‘widespread data theft’, saying that attackers weren’t just exploiting the Salesforce integration with Salesloft Drift, but that other integrations were impacted too.
Salesloft Drift customers should treat any and all authentication tokens stored in or connected to the Drift platform as potentially compromised, it said.
Many more disclosures are likely coming, Michal suggested.
“What we’re seeing now is likely the leading edge of a much larger wave of public disclosures, as investigations conclude and regulatory timelines come due,” he said.
“It’s also important to note that the TransUnion disclosure appears to stem from an earlier UNC6040 campaign, based on the breach dates in their filing, which underscores that multiple overlapping threat actor groups are actively exploiting SaaS environments like Salesforce.”
The breach could cost TransUnion dear. In 2017, the personal data of more than 147 million people was accessed when rival credit bureau Equifax was hacked.
The company was forced by the Federal Trade Commission to set aside $425 million to help affected consumers.
Make sure to follow ITPro on Google News to keep tabs on all our latest news, analysis, and reviews.
