Security News > 2023 > September > TransUnion denies it was hacked, links leaked data to 3rd party
Credit reporting firm TransUnion has denied claims of a security breach after a threat actor known as USDoD leaked data allegedly stolen from the company's network.
"At this time, we and our internal and external experts have found no indication that TransUnion systems have been breached or that data has been exfiltrated from our environment."
The investigation into the claims found that the information leaked by USDoD was likely obtained from another organization's systems, given that the data and its formatting are different than TransUnion's.
"Through our investigation, we have found that multiple aspects of the messages - including the data, formatting, and fields - do not match the data content or formats at TransUnion, indicating that any such data came from a third party," TransUnion said.
"USDoD said the InfraGard user data was made easily available via an Application Programming Interface that is built into several key components of the website that help InfraGard members connect and communicate with each other," Brian Krebs reported at the time.
The data contained the sensitive information of over 80,000 members of InfraGard, an FBI program designed to share intelligence between state and local law enforcement agencies and private sector organizations.