- Transunion reported a data violation with 4.4 million Americans affected
- Threat actors claim that the attack is much greater
- Users must be wary of incoming emails
Transunion, a large American credit declaration company, has suffered a violation of data in which it has lost personally identifiable information (PII) on more than 4.4 million American citizens.
In a new report, submitted to the Maine Prosecutor General’s Office, the company said that it had been struck on July 28, 2025 and that it spotted the intrusion two days later.
The data lost in the incident is “limited,” said transunion, without detailing the type. He stressed that credit reports and basic credit information was not exposed in this attack. He still decided to give people affected 24 months of free credit and protection against identity theft.
Chulleurs
At the same time, Bleeping Compompute I discovered that the attack was the work of Shinyhuters, which broke into the company’s Salesforce account to steal the information.
“A wave of Salesforce data flight attacks had an impact on many companies this year, notably Google, Farmers Insurance, Allianz Life, Workday, Pandora, Cisco, Chanel and Qantas,” said the publication. Shinyhuanters confirmed with the publication that they had stolen more than 13 million files, the 4.4 million mentioned above only the American citizens.
The group also shared a sample showing people’s names, billing addresses, telephone numbers, email addresses, birth dates and unresaled social security numbers (SSN). This type of information can hardly be described as “limited” because it is more than enough to use in identity theft, phishing and other forms of cybercrime. Scammers can open bank accounts in people’s names, contract loans and even request tax reductions and yields.
Data also includes the reason for the customer transaction, such as free credit report request, which can also be used to target victims with convincing phishing attacks, deployment of malware or theft of more information.
Shinyhunters also said Bleeping Compompute They stole customer support tickets and various messages stored in Salesforce.
Transunion is one of the three main credit report agencies to consumers in the United States (alongside experience and Equifax). It collects and maintains credit information on individuals and businesses, then provides credit reports, scores and identity protection services to lenders, businesses and consumers.
How to stay safe
To mitigate potential risks, users must place a credit freezing (or a fraud alert) with the three credit offices, preventing new credit accounts from opening on their behalf without approval.
They should also monitor their credit reports and use the free identity flight monitoring offer.
Finally, they should close their financial accounts closely and be very cautious with incoming emails and other communications. Since attackers now know their contact details, they could send false emails, SMS or convincing calls to be banks, government agencies or even a transunion itself.
Via Bleeping Compompute
