Overview

• State filings say unauthorized access occurred on July 28 and was discovered July 30, exposing limited personal information.
• TransUnion has not specified which data elements were accessed and says credit reports and core credit databases were not involved.
• The company reports the issue was quickly contained and is working with law enforcement and outside cybersecurity firms on a forensic review.
• Impacted individuals are being offered 24 months of free credit monitoring through myTrueIdentity and fraud assistance from Cyberscout.
• Independent reporting links the incident to recent Salesforce account data thefts attributed to groups such as ShinyHunters, with some sources saying Social Security numbers were included, a connection TransUnion has not confirmed.