Updated on Wednesday, Sept. 20, 9AM IST:
TransUnion has responded to the report, and released a statement, in which it denies breach of its systems. Read the full statement below:
TransUnion is aware of some limited online activity alleging that data obtained from multiple entities, including TransUnion, will be released. Immediately upon discovering these assertions, we partnered with outside cybersecurity and forensic experts to launch a thorough investigation. At this time, we and our internal and external experts have found no indication that TransUnion systems have been breached or that data has been exfiltrated from our environment.
Through our investigation, we have found that multiple aspects of the messages – including the data, formatting, and fields – do not match the data content or formats at TransUnion, indicating that any such data came from a third party.
Data protection is top priority at TransUnion. We take seriously any assertions regarding our information security and will continue to closely monitor this situation.
Original article
In a recent and audacious cybersecurity incident, the notorious threat actor known as "USDoD" has once again left a trail of breaches, targeting a range of entities, including Deloitte, Interpol, Europol, NATO, and CEPOL. These actions underline the gravity of the threat posed by USDoD, who claims to have gained access to some of these entities and provided DataBreaches with corroborative evidence in the form of screenshots.
USDoD's latest exploits have exposed a significant and alarming pattern of security vulnerabilities in high-profile organizations. The threat actor asserts that Phase 1 of their operations is already accomplished, having secured access to NATO and CEPOL. Their modus operandi involves exploiting weak points within these entities, as they pivot to Phase 2 of their operations.
In the case of CEPOL, USDoD ingeniously gained access by posing as a Greek police officer, utilizing the identity "Gran Kolettis" with the email address g.kolettis[at]police[.]gr. Astonishingly, USDoD went further by providing DataBreaches with an email from this address, thereby confirming their ongoing access to the police officer's email account.
Additionally, USDoD furnished DataBreaches with incriminating screenshots from the NATO Cyber Security Defense Center, which unequivocally demonstrated their successful registration and access. These screenshots, displaying menus accessible only to registered and logged-in users, serve as concrete evidence of their intrusion.
USDoD's infiltration of NATO involved registering under the pseudonym "Karlaina Ustinov" with the email address t.g.papakarmezis[at]army[.]gr. Once again, they showcased their ongoing access by sending DataBreaches an email from this Greek army email account.
These revelations expose the sheer audacity and persistence of the USDoD threat actor. Their ability to infiltrate prominent international organizations raises serious concerns about cybersecurity preparedness and underscores the need for enhanced vigilance and security measures in today's digital landscape.
As these events unfold, the global cybersecurity community will undoubtedly be closely monitoring USDoD's actions, seeking to thwart further breaches and safeguard sensitive information from falling into the wrong hands.