CRITICAL SEVERITYFinancial

Transunion Data Breach

TransUnion Credit Bureau Breach (Salesforce, 2025): 13 Million Customer Records Including SSN & Home Address Exposed

Credit reporting and information services company.

Verified by ObscureIQ Intelligence
Xinf@

10.0Severity
13.1MRecords
5Fields
2025Year

ObscureIQ Breach Intelligence Scores
0.0
Breach Risk Index
33
Data Value
0
Market Recency
0
days
Since Breach

Risk Interpretation

Severe risk similar to Experian. Enables identity theft, fraud, and long-term financial exploitation. Data persistence and widespread use across institutions amplify downstream harm.

🎯 Impact & Downstream Threats

TransUnion was among the approximately 39 organizations listed on the Scattered LAPSUS$ Hunters dark web leak site in October 2025. The exposed records included names, email addresses, phone numbers, home addresses, and Social Security numbers — a particularly sensitive combination given TransUnion's identity as a credit bureau whose data sits at the center of identity theft risk frameworks. The irony of a credit bureau being listed in a mass identity data exposure was noted widely in security r

Primary downstream threats:
  • Identity theft and synthetic identity construction using government-issued IDs
  • SIM swap attacks where phone numbers are present
  • Targeted phishing campaigns using exposed email addresses
  • Doxxing risk from physical address exposure

🔓 Threat Vectors

Phishing, credential stuffing & account takeover
Name-based social engineering
SIM swapping, vishing & SMS phishing
Physical stalking, mail fraud & identity verification
Home targeting, stalking & physical threat
Full identity theft & synthetic identity fraud

📋 Breach Intelligence

EntityTransunion (TransUnion)
OrganizationPublic Company • USA / Global
Breach Date2025-10-10
Disclosure2025-08-27
DBC Added2025-10-03
Records~13.1M (13,107,653 records)
Attack VectorUnknown
Threat ActorScattered Lapsus$ Hunters
Data SubjectsCustomer: Indirect
Breach PathwaySupply_Chain:Platform
Supply ChainSalesforce
SourceDataBreach.com / ObscureIQ
SensitivityStandard
CA Reported2025-08-27
TX Published2025-09-04
Breach ID1352.0
StatusConfirmed

📝 Executive Summary

TransUnion, one of the three major U.S. consumer credit reporting bureaus, was listed among approximately 39 organizations targeted by a group calling itself "Scattered LAPSUS$ Hunters" in October 2025. The attackers accessed data through a supply chain pathway linked to Salesforce, which attributed the campaign to customer-side integration vulnerabilities rather than a compromise of its core platform. On October 3, 2025, the group published a sample of the stolen database, with the full dataset of 13.1 million records reportedly scheduled for release on October 10, 2025. The exposed data includes full names, email addresses, phone numbers, home addresses, and Social Security numbers, though SSNs appear in roughly 1% of sampled records. The breach also exposed customer account details, support chat transcripts, IP addresses, and authentication status flags. Because TransUnion operates at the center of the U.S. credit and identity verification system, this combination of data is particularly dangerous. Criminals can use it to open fraudulent accounts, bypass identity checks, and cause lasting damage to victims' credit profiles. TransUnion has not issued detailed public statements about the specific scope of its exposure in this campaign. No regulatory actions or formal notifications have been publicly confirmed as of the time of this report. Affected individuals face a severe and persistent risk of identity theft and financial fraud. Anyone who believes they may be affected should consider placing a credit freeze with all three major bureaus, monitoring their credit reports closely, and watching for signs of account takeover or unauthorized financial activity.

🏢 About Transunion

TransUnion is one of the three major U.S. consumer credit reporting bureaus, collecting and maintaining credit histories on hundreds of millions of individuals globally. The company is publicly traded on the NYSE and headquartered in Chicago. Beyond credit reporting, it provides fraud detection, identity verification, marketing analytics, and risk management services to financial institutions, insurers, and employers in more than 30 countries.

Company | Credit reporting and financial data analytics | Data aggregation and scoring services | Global
Public CompanyUSA / Globaltransunion.com

🗂 Why They Hold Your Data

Credit reporting agencies aggregate identity, credit, financial, and behavioral data across individuals, including credit scores, account histories, addresses, and employment-related information.

📰 Recent Developments

TransUnion has continued expanding its international data and analytics footprint, with particular focus on financial services risk products and identity verification. The company has been investing in AI-driven fraud detection capabilities. It has also faced scrutiny from consumer advocates over data accuracy and access practices under the Fair Credit Reporting Act. The 2025 Salesforce campaign was the most significant data security event of the period.

🔍 Data Points Exposed

5 verified field types:
Social Security Number
Email
Phone Number
Name
Home Address

Exposure Categories

CredentialsSSN
LocationPHYS ADDR

State-Reported Affected Data Types

Social Security Number Information

Canonical Fields

email_address, full_name, phone_number, physical_address:home, ssn

🌐 Dark Web Verification

Confirmed
  • Dataset containing ~13.1M records identified in breach intelligence sources
  • Data indexed and searchable across breach notification platforms
  • Source: transunion-salesforce-2025

🛡 Recommended Actions

⚠️ Do not assume this is low sensitivity.

1Freeze Your Credit
Place a credit freeze with Equifax, Experian, and TransUnion.
2Expect Targeted Phishing
Watch for emails referencing this breach. Verify through official channels.
3Enable MFA Everywhere
Enable multi-factor authentication on all accounts.
4Monitor Accounts
Watch for unauthorized activity on financial and personal accounts.
5Check Your Exposure
ObscureIQ clients: this breach is indexed in your profile.

Protect Yourself

Check If You’re Affected

Enter your email to check if your data appears in this breach.

Get Free Breach Alerts

Be the first to know when new breaches are disclosed.

High-Risk? Get an Exposure Audit

Full-spectrum exposure audits for executives and public figures.

Request Consultation

ObscureIQ Advisory

We combine proprietary dark web access with commercial and restricted breach intelligence to verify exposure and assess real-world risk.

If you are:
  • A public-facing individual
  • A high-profile executive
  • A customer of Transunion
  • Or concerned about credential reuse
Services
AuditsWipesThreat MonitoringTraining
Contact
Phone(855) 763-7273Emailinfo@obscureiq.com

Classification Tags

FinancialEmailPhoneAddress

Powered by the ObscureIQ Breach Intelligence Database

© 2026 ObscureIQ · All Rights Reserved · Data Licensing

Latest from ObscureIQ

Credit

What Is Credit Monitoring? And Do I Want It? (Answer: Not Really)

July 14, 2025
Every time there’s a major data breach, companies scramble to offer “free” credit monitoring. It sounds like a responsible move.…
breach economycredit freezecredit scoreequifaxexperian
Credible Threats

Lock Down Browsers. Wipe Employee Footprints. Win Breach Wars.

September 2, 2025
Lock Down Browsers. Wipe Employee Footprints. Win Breach Wars. Over 80% of security incidents now start in the browser. Chrome.…
brave browserbreachesbrowser exploitbrowserschrome
Analysis

Sextortion Spam

May 10, 2025
Sextortion scams aren’t new, but they remain one of the most effective forms of cyber-enabled fraud. These scams don’t rely…
bitcoindeadlinefeargoogle maps apiransom