US consumer credit reporting agency TransUnion has said it experienced a July data breach which impacted the personal data of over 4.4 million customers.
In a filing submitted to the Maine attorney general, the company disclosed that it had suffered a breach on 28 July.
The filing, put forward by the company’s senior privacy counsel Sanjana Palla, reveals that the data breach was discovered two days later on 30 July.
In total, 4,461,511 people were affected by the breach.
“TransUnion recently experienced a cyber incident that affected a third-party application serving our US consumer support operations,” said TransUnion in a statement. “Upon discovery, we quickly contained the issue, which did not involve our core credit database or include credit reports.”
The company said that the incident involved unauthorised access to limited personal information for a “very small percentage of US consumers”, adding that it is working with law enforcement and has engaged third party cyber security experts for an independent forensics review.
