TransUnion Involved in Potential Hacking Incident - UPDATEDHacker 'USDoD' Claims Attack, Says He Has Data of More Than 50,000 Consumers
Update Sept. 21, 2023 13:56 UTC: TransUnion released a statement that it launched an investigation with internal and external experts that shows "no indication that TransUnion systems have been breached or that data has been exfiltrated from our environment." The data displayed by hacker "USDoD" does not match TransUnion formatting, the company added, "indicating that any such data came from a third party."
Original story below:
Credit reporting agency TransUnion may be the subject of a hacking incident leading to a data breach after a hacker apparently stole information of 58,505 customers across North and South America and Europe.
Cybercriminal underworld tracker Vx-Underground on Sunday said an individual who goes by the moniker "USDoD" had leaked 3 gigabytes worth of data from TransUnion containing information such as full names, credit scores and loan balances.
TransUnion has not acknowledged the hack and refused to discuss the matter on the record.
Details of the latest attack remain sparse. USDoD claimed in a post on the BreachForums criminal online bulletin board that the hack as a "work between ransomed and myself." BreachForums is the successor to a forum of the same name that shut down earlier this year following the arrest of its founder. "Ransomed" refers to a new cyber extortion gang that threatens victims with disclosure to data protection regulators unless it receives a payment, which the group argues is cheaper than state fines (see: Tattletale Ransomware Gangs Threaten to Reveal GDPR Breaches).
USDoD, who previously went by the NetSec on the now-defunct RaidForums, came into the limelight in 2022 with a hack of InfraGard, the FBI's public-private cybersecurity forum. The attack resulted in USDoD listing sensitive information of InfraGard members in a cybercrime forum (see: Hacker Reportedly Breaches US FBI Cybersecurity Forum).
On Sept. 11, USDoD listed what he claimed in a BreachForums post was leaked information on roughly 3,200 Airbus vendors, including full names, addresses, phone numbers and emails.
He also gave a slightly unhinged interview Sunday to DataBreaches.net, in which he said, "I Am Not Pro-Russia, and I Am NOT a Terrorist, Either!"
TransUnion has suffered a handful of data breach incidents over the past 18 months, including a 2022 incident in which hackers obtained the personal information of up to 5 million individuals from TransUnion's South Africa division. A Brazilian hacking group that calls itself N4ughtySec took responsibility for the hack.