28-08-25, 11:19 PM
Consumer credit reporting giant TransUnion warns it suffered a data breach exposing the personal information of over 4.4 million people in the United States, with BleepingComputer learning the data was stolen from it's Salesforce account. The breach occurred on July 28, 2025, and was discovered two days later.
A wave of Salesforce data theft attacks has impacted numerous companies this year, including Google, Farmers Insurance, Allianz Life, Workday, Pandora, Cisco, Chanel, and Qantas. These attacks have been conducted by the Shiny Hunters extortion group, and more recently, by a cluster tracked as UNC6395. After publishing this story, BleepingComputer confirmed with ShinyHunters, that TransUnion's data breach is linked to these Salesforce attacks, with the data also containing Social Security Numbers.
