HousingWireHousingWire
Credit bureau TransUnion disclosed Wednesday that a July cyberattack compromised the personal data of more than 4.4 million consumers, according to a filing with the Office of the Maine Attorney General.
In a letter to affected customers, the company stressed that the breach did not involve its core systems or credit files. Instead, hackers gained “unauthorized access to some of your personal data that was stored on a third-party application. Importantly, no credit information was accessed.”
TransUnion did not identify the vendor involved. A company spokesperson has not responded to HousingWire’s request for comments.
The breach, which happened on July 28, was detected within two days. Nationwide, roughly 4.4 million individuals were affected, including 16,828 in Maine. The company also filed disclosures in California.
TransUnion said the exposed information was limited to “specific data elements” and did not include credit reports or other core credit information.
The Illinois-based bureau is offering affected consumers two years of free credit monitoring through its myTrueIdentity service, as well as fraud assistance.
TransUnion manages more than 1 billion consumer profiles worldwide, including 200 million in the U.S. Roughly one-third of its revenue comes from mortgage companies.
The disclosure comes eight years after rival Equifax revealed a 2017 data breach that potentially compromised the records of 143 million U.S. consumers. The sector remains a prime target for hackers because of the sensitive financial and personal information it holds.