1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • TransUnion's data stolen in major data breach

    From TechnologyDaily@1337:1/100 to All on Wed Sep 20 14:15:03 2023
    TransUnion's data stolen in major data breach

    Date:
    Wed, 20 Sep 2023 14:04:18 +0000

    Description:
    TransUnion claims it wasn't breached, and that the data came from a third party.

    FULL STORY ======================================================================

    A hacker has posted a stolen database on the dark web alleging it contains sensitive data stolen from credit agency TransUnion. However, the company
    says there is no evidence of any compromise or data exfiltration, and argues that whatever data was taken - must have been stolen from a third party.

    Going by the alias USDoD, the hacker published a 3GB database on
    BreachForums, a popular underground site where criminals exchange tools and information. This database, it was claimed, carried personally identifiable information (PII) on more than 58,000 people, at least some of whom appear to be TransUnion customers.

    The data includes full names, internal TransUnion identifiers, passport information such as birth dates and places of birth, marital status, age, employer information, credit scores and loan information. Third party compromised

    Following the leak, and subsequent media coverage, TransUnion published a short statement claiming to be aware of some limited online activity alleging that data obtained from multiple entities, including TransUnion, will be released. This prompted the firm to run an investigation with third-party cybersecurity and forensic expects, which concluded that there is no indication that TransUnion systems have been breached or that data has been exfiltrated from our environment.

    Furthermore, TransUnion says, the data, formatting, and fields, dont match
    the content or formats it uses, indicating that any such data came from a third party.

    While this might very well be a supply chain attack, Infosecurity Magazine also reminds that the date of the database compromise aligns with a
    ransomware incident at TransUnions South African business last year.

    Back then, the hackers asked for $15 million in exchange for the decryption key, and not leaking sensitive data on the dark web.

    Separate reports claim USDoD works with a ransomware group known as Ransomed, and that theyre responsible for the data leak from 3,200 Airbus vendors earlier this month.

    Via Infosecurity Magazine More from TechRadar Pro Top data breaches and
    cyber attacks of 2022 Here's a list of the best endpoint protection services Looking for a good firewall? Here are the best firewalls right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/transunions-data-stolen-in-major-data-b reach


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)