TransUnion Reports Breach Exposing Personal Information of 4.4M
TransUnion suffered a data breach that may have exposed the personal information of more than 4.4 million of the credit agency's customers, it told the Maine attorney general's office on Wednesday.
Sign up for a free preview to unlock the rest of this article
Privacy Daily provides accurate coverage of newsworthy developments in data protection legislation, regulation, litigation, and enforcement for privacy professionals responsible for ensuring effective organizational data privacy compliance.
A sample notification letter attached to TransUnion's report said there was "a cyber incident involving unauthorized access to some [customer] personal data that was stored on a third-party application," but "no credit information was accessed."
"TransUnion takes the protection of personal information seriously, which is why we engage in robust, proactive security measures," and will "continue to enhance our security controls as appropriate to minimize the risk of any similar incident in the future," the letter said.
It didn't reveal what type of information was accessed, nor how many people were affected. The AG office report, however, noted that 4.46 million people were impacted, with 16,828 Maine residents. The AG also said the breach occurred on July 28, 2025, and was discovered on July 30, 2025, which the letter didn't mention. TransUnion is offering two years of credit monitoring services to those affected, according to the letter.