TransUnion claims customer data comes from third party – The Register


Days after a criminal bragged about leaking a TransUnion database of more than 3GB containing financial information on 58,505 people, the credit-checking agency claimed the information had in fact been stolen from a third party.

On Sunday, a thief using the alias USDoD shared via a cybercrime forum what was claimed to be a TransUnion database containing sensitive information belonging to people in North and South America, Europe and other parts of the world. The database is said to contain people’s names, internal TransUnion identifiers, passport information, ages, dates and places of birth, employers, summaries of financial transactions, credit scores and loan details, among other sensitive elements.

According to VX-Underground, which reported the posting on Twitter over the weekend, a copy of this database appears to have been taken on March 2 last year.

TransUnion did admit in 2022 that it suffered a security breach after criminals broke into a South American server and stole data relating to five million customers and 600,000 businesses.

In a brief statement released Tuesday, the credit rating giant responded to USDoD’s claims.

“TransUnion is aware of certain limited online activities, alleging that data obtained from multiple entities, including TransUnion, will be disclosed,” the company said in its Tuesday statement.

In what has become boilerplate language for responding to security concerns, the credit reporting company said it “immediately” took steps to respond to the claims, including partnering with external cybersecurity and forensics experts and launching an investigation.

“At this time, we and our internal and external experts have found no indication that TransUnion’s systems were breached or that data was exfiltrated from our environment,” the statement continued.

And then it places the blame elsewhere.

“Through our investigation, we found that several aspects of the messages – including data, formatting and fields – do not match the content or formats of TransUnion’s data, indicating that this data comes from a third party.”

TransUnion did not respond to The Register's questions, including whether it knows who the third party may be, how USDoD obtained the data in the first place, and whether this leak is linked to the 2022 security failure.

“Data protection is a top priority at TransUnion. We take any assertions regarding the security of our information seriously and will continue to monitor this situation closely,” the company’s statement concludes.

USDoD is the same miscreant named in court documents (PDF) in connection with the arrest of Conor Brian Fitzpatrick, aka Pompompurin, who ran BreachForums before the federal government closed an incarnation of the message board earlier this year.

According to court documents, USDoD broke into the FBI’s InfraGard in 2022 and then leaked contact information belonging to the information-sharing network’s nearly 80,000 members.

More recently, USDoD has reportedly raided Airbus and posted personal information belonging to the aerospace giant’s 3,200 suppliers on a cybercrime forum. ®
