2 min read

Hackers demand $15 million ransom from TransUnion after cracking "password" password

Graham CLULEY

March 21, 2022

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Hackers demand $15 million ransom from TransUnion after cracking "password" password

International credit bureau TransUnion says that hackers managed to breach a server operated by its South African division, and gained access to the personal information of individuals.

According to an FAQ published by TransUnion South Africa, the cybercriminals gained access to the sensitive data by using the compromised credentials of one of the company's clients.

The firm says that the exposed data "may include personal information, such as telephone numbers, email addresses, identity numbers, physical addresses, and some credit scores."

As a precaution, TransUnion South Africa took some of its infrastructure offline temporarily while it investigated what had gone wrong.

A Brazilian hacking group calling itself N4aughtysecTU has claimed responsibility for the data breach, and has told the press that it stole 4TB of data, containing the records of 54 million customers.

Embarrassingly, the hackers claim that the account they compromised to gain access to data on TransUnion's server was protected with a password of "password".

N4aughtysecTU sent an extortion demand to TransUnion South Africa that requests R223 million (approximately US $15 million) in cryptocurrency in exchange for not releasing the stolen data.

The hackers have also threatened to access TransUnion's clients with financial demands.

TransUnion South Africa says it will not pay the ransom, and that it has brought in cybersecurity experts to assist in its response to the incident.

In addition, TransUnion has attempted to debunk N4aughtysecTU's claims that 54 million records have been exposed, claiming that those records relate to a 2017 data incident not involving TransUnion.

What TransUnion South Africa isn't saying is just how many individuals may be affected by the breach, or how much data the hackers may have accessed, beyond their generic claim that it believes "the incident impacted an isolated server holding limited data from [its] South African business."

For those victims who have had their data breached it is particularly galling.  They may have little reason to have ever heard of TransUnion South Africa, let done direct business with them. However, companies will have made use of TransUnion’s credit-checking services to determine if consumers should be approved for a loan or allowed to open an account.

TransUnion says it is offering individuals whose personal data may have been affected by the breach a free annual subscription to the TrueIdentity identity protection run by ... err... TransUnion.

Yes, TransUnion had your personal data without your knowledge or permission.  TransUnion suffered a data breach which resulted in that data ending up in the hands of hackers.  TransUnion says you can use its products to protect yourself from identity thieves.

Surely the best protection of all would have been if they hadn't been storing people's data with inadequate security in the first place.

tags


Author



Right now

Top posts

How to monitor your online privacy during your Thanksgiving trip

How to monitor your online privacy during your Thanksgiving trip

November 22, 2022

3 min read
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

November 16, 2022

6 min read
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

November 14, 2022

5 min read
August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August 31, 2022

4 min read
Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

August 30, 2022

2 min read
What is medical identity theft and how to protect against it

What is medical identity theft and how to protect against it

July 27, 2022

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Malicious Actors Exploit TikTok ‘Invisible Challenge’ to Steal Users’ Info Malicious Actors Exploit TikTok ‘Invisible Challenge’ to Steal Users’ Info
Alina BÎZGĂ

December 02, 2022

2 min read
Hackers Breach New Zealand Health Insurer Accuro Hackers Breach New Zealand Health Insurer Accuro
Filip TRUȚĂ

December 02, 2022

2 min read
Flaw allowed man to access private information of other Brinks Home Security customers Flaw allowed man to access private information of other Brinks Home Security customers
Graham CLULEY

November 30, 2022

2 min read