Overview
- TransUnion disclosed that unauthorized access on July 28 targeted a third-party application used by its U.S. consumer support operations.
- The company discovered the incident on July 30 and said it did not involve credit reports or its core credit database.
- Notifications filed with regulators state that 4,461,511 individuals were affected, though the specific data elements exposed were not detailed.
- Impacted people are being offered 24 months of myTrueIdentity credit monitoring and fraud assistance through Cyberscout.
- TransUnion says it contained the issue and is working with law enforcement and independent forensic experts as the investigation continues.