TransUnion, one of the nation\u2019s three major credit reporting agencies, has disclosed a significant data breach that exposed the personal information of more than four million U.S. customers.<\/p>\n
The company is now alerting affected individuals about the cyber incident, which involved unauthorized access to data stored on a third-party application.<\/p>\n
On July 28, 2025, TransUnion LLC confirmed a sophisticated cyber intrusion that compromised the personal data of over 4.4 million consumers.\u00a0<\/p>\n
The unauthorized access, detected on July 30, 2025, targeted TransUnion\u2019s consumer reporting systems and exposed sensitive Personally Identifiable Information (PII)<\/a>.\u00a0<\/p>\n According to the Maine office filing<\/a>, the breach affected 4,461,511 individuals nationwide, including 16,828 residents of Maine.\u00a0<\/p>\n The breach targeted an application used for the company\u2019s U.S. consumer support operations. While the intrusion compromised sensitive personal data, TransUnion has assured its customers that the accessed information did not include credit reports or core credit information.<\/p>\n The compromised data elements included full names, Social Security numbers, dates of birth, and driver\u2019s license numbers, constituting a classic PII aggregation that heightens the risk of identity theft and financial fraud.<\/p>\n The breach was discovered on August 15, 2025, after the company\u2019s cybersecurity team detected suspicious activity on its network. An internal investigation, conducted in collaboration with a leading cybersecurity firm, revealed that an unauthorized third party had gained access to the system for a period of two weeks in late July.<\/p>\n \u201cWe take our responsibility to protect consumer data very seriously,\u201d said a TransUnion spokesperson in a statement released Friday. \u201cWe have taken immediate steps to secure the application and are working with law enforcement to investigate this matter. We are committed to supporting our customers and have begun the process of notifying all affected individuals.\u201d<\/p>\n TransUnion is offering two years of free credit monitoring and identity theft protection services to all impacted customers. The notification letters will include instructions on how to enroll in these services. The company has also set up a dedicated call center to answer customer questions and has posted an FAQ on its website.<\/p>\n TransUnion issued written Data Breach<\/a> Notifications to all affected consumers on August 26, 2025, in compliance with state and federal regulations.<\/p>\n Find this Story Interesting! Follow us on\u00a0LinkedIn<\/a>\u00a0and\u00a0X<\/a>\u00a0to Get More Instant Updates<\/strong>.<\/p>\n The post TransUnion Hack Exposes 4M+ Customers Personal Information<\/a> appeared first on Cyber Security News<\/a>.<\/p>\n<\/div>\nKey Takeaways<\/strong>
<\/mark>1. 4.4M+ PII records exposed in a July 28 SQL-injection breach.
2. MFA, segmentation, forensics, and notifications deployed.
3. Two years of free myTrueIdentity![\"\u2122\"](\"https:\/\/i0.wp.com\/s.w.org\/images\/core\/emoji\/16.0.1\/72x72\/2122.png?ssl=1\")
credit monitoring provided.<\/pre>\nOver 4 Million Individuals\u2019 PII Stolen<\/strong><\/h2>\n