The credit bureau has said the July breach was brought on by an unidentified third party and was quickly contained.Published On 28 Aug 202528 Aug 2025The credit reporting company TransUnion has confirmed that more than 4 million people’s data was exposed in a recent hack involving an unidentified third party.In a letter posted to the website of Maine’s attorney general on Wednesday, the company said it had “recently experienced a cyber incident involving a third-party application serving our US consumer support operations”.“We continue to enhance our security controls as appropriate to minimise the risk of any similar incident in the future.”In a statement, TransUnion said it had “quickly contained the issue, which did not involve our core credit database or include credit reports”.The Illinois-based credit bureau also issued a letter to consumers, saying it would offer its credit monitoring services to those affected free of charge.Maine legally requires disclosures for certain kinds of breaches affecting its residents. Among the more than 4.4 million people who were victims of the hack, roughly 17,000 were from Maine.The state attorney general’s office indicated that the breach occurred on July 28 and was discovered two days later, on July 30.The name of the third-party application was not disclosed, but US corporations have recently seen waves of compromises as hackers trick employees into opening up their respective employers’ Salesforce databases, where consumer data is often stored.A Salesforce representative did not immediately return a m …
