International credit bureau TransUnion warned that threat actors compromised a company server based in South Africa using stolen credentials.
International credit bureau TransUnion warned that threat actors compromised a company server based in South Africa using stolen credentials.
“A criminal third party obtained access to a TransUnion South Africa server through misuse of an authorised client’s credentials. We have received an extortion demand and it will not be paid.” reads the statement published by the company.
TransUnion informed law enforcement and the country’s regulators. The company has declared that it will not pay the ransom and hired forensic and cybersecurity experts to investigate the extent of the security expert.
The company states that the security breach only affected an isolated server carrying limited data from South African businesses.
“We are engaging clients in South Africa about this incident. As our investigation progresses, we will notify and assist individuals whose personal data may have been affected. We will be making identity protection products available to impacted consumers free of charge.” continues the statement.
“The security and protection of the information we hold is TransUnion’s top priority”, said Lee Naik, CEO of TransUnion South Africa. “We understand that situations like this can be unsettling and TransUnion South Africa remains committed to assisting anyone whose information may have been affected.”
A Brazilian hacking group known as "N4ughtysecTU" has claimed accountability for the attack and informed BleepingComputer that they downloaded 4TB of data during the cyberattack.
The threat actors claim to have hacked a poorly secured TransUnion SFTP server and stolen data containing roughly 54 million customers.
The "N4ughtysecTu" threat actor also told BleepingComputer that they didn't steal any user credentials but performed a brute force attack on the SFTP server.
For the latest cyber threats and the latest hacking news please follow us on Facebook, Linkedin, and Twitter.
You may be interested in reading: How to Survive the COVID Time Cyber Security Threats?