Credit reporting firm TransUnion (NYSE: TRU) is notifying more than 4.4 million people that their personal information was compromised in a data breach.
The incident occurred on July 28, 2025, the company said in data breach notifications sent to the impacted individuals, copies of which were submitted to the Maine and Texas Attorney General’s Offices.
According to TransUnion, the data breach involved personal information stored in a third-party application, including names, Social Security numbers, and dates of birth.
“TransUnion recently experienced a cyber incident that affected a third-party application serving our US consumer support operations. Upon discovery, we quickly contained the issue, which did not involve our core credit database or include credit reports,” the company told SecurityWeek.
“We identified and contained this event within hours,” a TransUnion spokesperson said.
TransUnion told the Maine AGO that 4,461,511 individuals were impacted by the data breach, and that it is providing them with 24 months of free credit monitoring services, and with proactive fraud assistance.
The credit reporting firm did not name the third-party application involved in the incident, but said it has been working with law enforcement and third-party cyber security experts to investigate the attack.
However, it appears that the data breach was related to a broader wave of data theft attacks impacting Salesforce customers, and that the infamous extortion group known as ShinyHunters was responsible for it, BleepingComputer reports.
In addition to the personal information that TransUnion has reported as compromised, addresses, email addresses, and phone numbers were also stolen, the hackers claim.
In early August, Google disclosed a data breach involving its Salesforce instance, after warning in June that UNC6040, a threat actor specializing in voice phishing attacks, was running a large-scale Salesforce data theft and extortion campaign.
Google linked UNC6040 to Scattered Spider, which apparently merged with ShinyHunters. Recently disclosed data breaches impacting Adidas, Allianz Life, Cisco, Dior, Louis Vuitton, and other companies appear to be part of the Salesforce hacking campaign.
*Updated with statement from TransUnion.
Related: Hundreds of Salesforce Customers Hit by Widespread Data Theft Campaign
Related: Nevada State Offices Closed Following Disruptive Cyberattack
Related: Police in Brazil Arrest a Suspect Over $100M Banking Hack
Related:Year of the Twin Dragons: Developers Must Slay the Complexity and Security Issues of AI Coding Tools
