TransUnion reported a data breach affecting 4.4 million Americans after hackers infiltrated the company’s Salesforce account on July 28, 2025, with the intrusion discovered two days later. The ShinyHunters cybercriminal group claims responsibility and states they actually stole over 13 million records globally, with the breach exposing names, addresses, phone numbers, email addresses, dates of birth, and unredacted Social Security numbers despite TransUnion describing the data as “limited.” The stolen information, which also includes customer support tickets and transaction reasons like credit report requests, provides sufficient detail for identity theft, fraudulent account opening, and targeted phishing attacks. TransUnion is offering 24 months of free credit monitoring and identity theft protection to affected users, while security experts recommend placing credit freezes with all three major credit bureaus, monitoring financial accounts closely, and exercising caution with incoming communications as attackers may impersonate banks or government agencies using the stolen contact information.