Researchers from vx-underground reported on Sunday that the threat actor “USDoD” stole and leaked sensitive customer information from TransUnion. The leaked database features the personal identifiable information (PII) of 58,505 individuals from various countries, including the United States.

The oldest data point in the database is from March 2, 2022, which could indicate the date of the breach. The leaked PII includes identities, employment histories, financial records, loan information, and TransUnion-specific data. USDoD was recently in the news for exposing the personal information of 3,200 Airbus vendors on September 11 and threatening to do the same to Raytheon and Lockheed Martin. The threat actor also revealed he accessed Airbus’s data using employee credentials from a Turkish airline. Hudson Rock investigators discovered that the threat actor likely infected a Turkish computer with RedLine stealer malware after the employee tried to download a pirated version of Microsoft .NET. USDoD notably hacked the FBI’s InfraGuard US critical infrastructure intelligence portal in 2022 and attempted to sell the contact information of 80,000 private individuals on a cybercrime forum. The threat actor announced on “BreachForums” that he is now a member of the Ransomed group.

Read More: