TransUnion has reported a data breach in its South African branch, where a hacker stole sensitive information and demanded the company a hefty ransom.
TransUnion denied paying the ransom and said it’s investigating the issue further. Promising to provide assistance to the affected people, the company said the data belonging to other branches is safe. On the other hand, a Brazilian hacker claimed responsibility for this and is threatening to leak the stolen data.
TransUnion Hacked Due to a Weak Password
TransUnion is an American consumer credit reporting firm that has over 65,000 business clients and maintains credit data of over one billion individuals. In Africa, the company has branches in about eight countries including South Africa and Kenya.
On Friday, TransUnion revealed a data breach incident at its South African branch, where an unknown party has breached one of its servers to steal sensitive data from it. Soon, they deployed cybersecurity experts and digital forensic experts to investigate the incident, while also working with law enforcement and the country’s regulators.
In its statement, TransUnion said only that only the data belonging to the South African branch was breached, while those in Botswana, Kenya, Namibia, Rwanda, Swaziland, Zambia, and Malawi are safe. It further promises to notify the affected individuals and offer free identify protection products.
On the other side of the story, a Brazilian hacker group named N4ughtysecTU claimed this attack and said they had downloaded over 4TB of data during the breach. They started to compromise a poorly secured SFTP server of TransUnion, which led them to get hands-on data of about 54 million customers.
And the interesting part, they simply brute-forced into this server to gain the credentials, which had a password as “Password“! And since TransUnion has declined their demand of $15,000,000 in Bitcoin ransom, the N4ughtysecTU is now threatening to leak the stolen data.