Posted On November 9, 2022 Consumer Privacy & Data Breaches
On November 7, 2022, TransUnion LLC filed notice of a data breach with the Massachusetts Attorney General’s office after the company learned that an unauthorized party was able to access sensitive consumer data in its possession. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to consumers’ names, Social Security numbers, financial account numbers and driver’s license numbers. After confirming that consumer data was leaked, TransUnion began sending out data breach notification letters to all individuals who were impacted by the recent data security incident.
If you received a data breach notification, it is essential you understand what is at risk. The data breach lawyers at Console & Associates, P.C. are actively investigating the TransUnion data breach on behalf of people whose information was exposed. As a part of this investigation, we are providing free consultations to anyone affected by the breach who is interested in learning more about the risks of identity theft, what they can do to protect themselves, and what their legal options may be to obtain compensation from TransUnion LLC.
The available information regarding the TransUnion breach comes from the company’s filing with the Attorney General of Massachusetts. However, the information provided on the state’s “Data Breach Notification Report” page is limited and TransUnion has yet to post notice of the breach on its website. Thus, currently, very little is known about the breach or its causes.
However, after discovering that sensitive consumer data was accessible by an unauthorized party, TransUnion began to review the affected files to determine what information was compromised and which consumers were impacted. While the breached information varies depending on the individual, it may include your name, Social Security number, financial account numbers and driver’s license numbers.
On November 7, 2022, TransUnion sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident.
TransUnion LLC is a consumer credit reporting agency based in Chicago, Illinois. The company collects and assembles information on over one billion consumers in more than thirty countries including 200 million Americans. The company has stated that it has information on “every credit-active consumer in the United States.” TransUnion also markets credit reports and other credit and fraud-protection products directly to consumers. TransUnion employs more than 10,200 people and generates approximately $3 billion in annual revenue.
Data breaches involve an unauthorized party—often a criminal of some type—obtaining access to sensitive personal information belonging to consumers. Hackers orchestrate cyberattacks for one of two reasons, either to use the information themselves to commit identity theft and related frauds or to sell the information to a third-party who plans on doing the same. Because cyberattacks have put hundreds of millions of dollars in hackers’ pockets over the years, they have become exceedingly common.
For example, in 2021 alone, there were more than 320 million people affected by data breaches, the largest number in recorded history. And the problem doesn’t appear to be getting much better. So far, the preliminary 2022 numbers suggest only a modest decrease in the total number of cyberattacks and victims. Given the frequency with which these breaches occur and the harms that can follow in their wake, it is important that you know what to do in the event your information is leaked in a data breach.
Below is a list of some of the steps you can take after a data breach to reduce the risk of fraud. Of course, this is not an exhaustive list, and you may consider taking additional steps to protect yourself if a breach compromised highly sensitive information such as your bank account numbers or Social Security number.
After a data breach, companies are legally required to report the incident to those who were affected. The first thing to do after receiving a data breach letter is to carefully review the document to determine whether your information was leaked and, if so, what data was compromised. Data breach letters also contain important information about how the unauthorized party accessed your information, what the company has done since then, and whether there have been any reports of identity theft or fraud from other victims.
Hackers usually try to use any stolen information as quickly as possible to avoid giving a victim time to close their accounts or otherwise limit hackers’ access to their credit. However, hackers might not always be able to immediately carry out their crimes if a breach only contains limited amounts of information. In these cases, hackers need additional information to orchestrate their schemes, which can take time to acquire. Because of this, it may not be until weeks or months after a breach that hackers can use the stolen information. Therefore, it is imperative that you frequently check all your online accounts to monitor for any suspicious activity.
Credit monitoring is a service that alerts you to any suspicious activity related to your credit account. On average, credit monitoring costs about $20 to $40 per month. However, companies almost always offer victims of a data breach free credit monitoring for a period of time—usually between one to two years. Indeed, TransUnion indicates that it will be providing victims of the breach with this service. Signing up for credit monitoring is free and provides you with an easy way to keep an eye on your credit profile. Moreover, signing up for free credit monitoring doesn’t impact your rights to bring a data breach lawsuit against the company that leaked your information if the company was negligent leading up to the breach.
Fraud alerts and credit freezes are free services offered by the major credit bureaus (one of which is TransUnion). A fraud alert puts companies that pull your credit on notice that there is reason to believe that someone may be fraudulently using your information. A credit freeze offers additional protection by preventing any company from pulling your credit without your advance approval. The Identity Theft Resource Center has repeatedly explained that placing a credit freeze on your credit account is the single best way to prevent fraud after a data breach.
At Console & Associates, P.C., our consumer privacy lawyers monitor all security and data breaches to help affected consumers pursue their legal remedies. We offer free consultations to victims of data breaches and can explain your rights in clear, understandable terms so you can make an informed decision about how to proceed with your case. If you’ve been affected by the TransUnion data breach or any other data security incident, Console & Associates, P.C., will investigate your case at no charge and offer you thorough advice about how to most effectively proceed with your case. If you decide to bring a case, we only get paid if you do. If your claim is successful, any legal fees are either paid by the defendant or come out of the funds recovered from the defendant. If your claim doesn’t result in a recovery, you will pay nothing.