The consumer credit reporting giant TransUnion has confirmed a major data breach that exposed the personal information of more than 4.4 million Americans, including their Social Security numbers, raising new concerns about identity theft and financial fraud, the Daily Mail reported.
TransUnion, one of the nation’s three major credit reporting agencies, disclosed that hackers gained access to sensitive personal details in late July, according to documents filed with Maine’s attorney general. The company said the breach was discovered two days after the July 28 cyberattack.
Although the bureau said that “core credit information” was not stolen, the hackers reportedly accessed Social Security numbers and other personal identifiers. The agency maintains records on more than 200 million people in the United States.
“We recently experienced a cyber incident involving a third-party application serving our U.S. consumer support operations. The unauthorized access includes some limited personal information belonging to you,” TransUnion wrote in letters to affected customers.
The breach appears linked to a larger hacking campaign targeting Salesforce’s cloud platform, which also compromised a Google-managed database. The hacking group known as ShinyHunters has claimed responsibility.
According to the cybersecurity site Bleeping Computer, the campaign also affected major companies including Farmers Insurance, Allianz Life, Workday, Pandora, Cisco, Chanel, and Qantas.
A TransUnion spokesperson told the Daily Mail that the incident “involved unauthorized access to limited personal information for a very small percentage of U.S. consumers,” adding that the company is “working with law enforcement and have engaged third-party cybersecurity experts for an independent forensics review.”
The company is offering 24 months of free credit monitoring and identity theft protection to those affected. According to Maine’s attorney general, 4,461,511 people nationwide were affected, including 16,828 residents of Maine.
Cybersecurity experts warn that even limited personal data can open the door to serious threats. Hackers can use details such as names, Social Security numbers, and dates of birth to impersonate consumers and apply for credit cards, loans, or other financial accounts.
James Knight, a cybersecurity expert with DigitalWarfare.com, told the Daily Mail that recent breaches are fueling phishing scams.
“If you do get a text message or a voice message from Google, don’t trust it’s from Google. Nine times out of 10, it’s likely not,” he said.
Knight added that hackers are also attempting brute-force entry into accounts using easy-to-guess passwords such as “password.”
Following past breaches, security specialists have urged consumers to freeze their credit, change passwords, and activate fraud alerts on bank accounts. Credit freezes in particular can prevent criminals from opening new accounts in a target’s name.
The TransUnion breach is the latest reminder of vulnerabilities in the digital systems that house vast troves of sensitive data, placing millions of Americans at risk of financial exploitation.?
© 2025 Newsmax. All rights reserved.
