home.social

#transunion — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #transunion, aggregated by home.social.

  1. TransUnion becomes the only MTA provider for YouTube in Google partnership: TransUnion and Google integrate YouTube into multi-touch attribution, letting advertisers measure video's role across the full media mix for the first time. ppc.land/transunion-becomes-th #TransUnion #GooglePartnership #YouTubeMarketing #MTA #Attribution

  2. TransUnion becomes the only MTA provider for YouTube in Google partnership: TransUnion and Google integrate YouTube into multi-touch attribution, letting advertisers measure video's role across the full media mix for the first time. ppc.land/transunion-becomes-th #TransUnion #GooglePartnership #YouTubeMarketing #MTA #Attribution

  3. TransUnion becomes the only MTA provider for YouTube in Google partnership: TransUnion and Google integrate YouTube into multi-touch attribution, letting advertisers measure video's role across the full media mix for the first time. ppc.land/transunion-becomes-th #TransUnion #GooglePartnership #YouTubeMarketing #MTA #Attribution

  4. Lawmakers Demand Answers About Growing Number of Unfixed Mistakes on #CreditReports

    found that 2 of the 3 major #creditBureaus#TransUnion & #Experian — had substantially scaled back how often they provided relief to complaints filed through the #ConsumerFinancialProtectionBureau. The decline in relief coincided with the #Trump admin’s attempts to conduct mass #layoffs at the #CFPB & roll back much of its #oversight of the #financial sector.
    #maga #privacy #finance

    propublica.org/article/credit-

  5. Lawmakers Demand Answers About Growing Number of Unfixed Mistakes on #CreditReports

    found that 2 of the 3 major #creditBureaus#TransUnion & #Experian — had substantially scaled back how often they provided relief to complaints filed through the #ConsumerFinancialProtectionBureau. The decline in relief coincided with the #Trump admin’s attempts to conduct mass #layoffs at the #CFPB & roll back much of its #oversight of the #financial sector.
    #maga #privacy #finance

    propublica.org/article/credit-

  6. Lawmakers Demand Answers About Growing Number of Unfixed Mistakes on #CreditReports

    found that 2 of the 3 major #creditBureaus#TransUnion & #Experian — had substantially scaled back how often they provided relief to complaints filed through the #ConsumerFinancialProtectionBureau. The decline in relief coincided with the #Trump admin’s attempts to conduct mass #layoffs at the #CFPB & roll back much of its #oversight of the #financial sector.
    #maga #privacy #finance

    propublica.org/article/credit-

  7. Lawmakers Demand Answers About Growing Number of Unfixed Mistakes on

    found that 2 of the 3 major & — had substantially scaled back how often they provided relief to complaints filed through the . The decline in relief coincided with the admin’s attempts to conduct mass at the & roll back much of its of the sector.

    propublica.org/article/credit-

  8. Lawmakers Demand Answers About Growing Number of Unfixed Mistakes on #CreditReports

    found that 2 of the 3 major #creditBureaus#TransUnion & #Experian — had substantially scaled back how often they provided relief to complaints filed through the #ConsumerFinancialProtectionBureau. The decline in relief coincided with the #Trump admin’s attempts to conduct mass #layoffs at the #CFPB & roll back much of its #oversight of the #financial sector.
    #maga #privacy #finance

    propublica.org/article/credit-

  9. Mujer costarricense lidera equipos globales de IA y ciencia de datos desde el país

    Mujer costarricense lidera equipos globales de IA y ciencia de datos desde el país
    San José, 19 mar (elmundo.cr) – Stefanny Quesada Navarro, líder costarricense en ciencia de datos en TransUnion®, refleja la creciente presencia de mujeres en carreras STEM en Centroamérica. Desde Heredia lidera equipos especializados en ciencia de [...]

    #GCC #StefannyQuesadaNavarro #Tendencias #TransUnion

    elmundo.cr/tendencias/mujer-co

  10. Edmonton woman frustrated by 18-month battle with Equifax and TransUnion to fix credit rating

    cbc.ca/news/gopublic/credit-ra
    - - -
    Une femme d’Edmonton frustrée par une bataille de 18 mois avec Equifax et TransUnion pour corriger sa cote de crédit

    // Article en anglais //

    #Canada #Equifax #TransUnion

  11. Edmonton woman frustrated by 18-month battle with Equifax and TransUnion to fix credit rating

    cbc.ca/news/gopublic/credit-ra
    - - -
    Une femme d’Edmonton frustrée par une bataille de 18 mois avec Equifax et TransUnion pour corriger sa cote de crédit

    // Article en anglais //

    #Canada #Equifax #TransUnion

  12. Costa Rica fortalece su posición como Hub de Centros de Capacidad Global

    Costa Rica fortalece su posición como Hub de Centros de Capacidad Global
    San José, 07 ene (elmundo.cr) – Costa Rica continúa ofreciendo condiciones ideales para el establecimiento de centros de excelencia. A lo largo de los años, el país ha atraído una variedad de modelos de prestación de servicios, incluidos los Centros de Servicios Compartidos (SS [...]

    #CINDE #EconomíaYNegocios #HUB #TransUnion

    elmundo.cr/economia-y-negocios

  13. Credit cards now dominate as shoppers plan record holiday spending: TransUnion Q4 2025 study shows 42% of Americans will rely on credit cards for holiday purchases, up from 38% last year, as 58% plan to spend over $250 despite inflation. ppc.land/credit-cards-now-domi #CreditCards #HolidaySpending #ConsumerTrends #TransUnion #FinancialPlanning

  14. Credit cards now dominate as shoppers plan record holiday spending: TransUnion Q4 2025 study shows 42% of Americans will rely on credit cards for holiday purchases, up from 38% last year, as 58% plan to spend over $250 despite inflation. ppc.land/credit-cards-now-domi #CreditCards #HolidaySpending #ConsumerTrends #TransUnion #FinancialPlanning

  15. Credit cards now dominate as shoppers plan record holiday spending: TransUnion Q4 2025 study shows 42% of Americans will rely on credit cards for holiday purchases, up from 38% last year, as 58% plan to spend over $250 despite inflation. ppc.land/credit-cards-now-domi #CreditCards #HolidaySpending #ConsumerTrends #TransUnion #FinancialPlanning

  16. Credit cards now dominate as shoppers plan record holiday spending: TransUnion Q4 2025 study shows 42% of Americans will rely on credit cards for holiday purchases, up from 38% last year, as 58% plan to spend over $250 despite inflation. ppc.land/credit-cards-now-domi #CreditCards #HolidaySpending #ConsumerTrends #TransUnion #FinancialPlanning

  17. Credit cards now dominate as shoppers plan record holiday spending: TransUnion Q4 2025 study shows 42% of Americans will rely on credit cards for holiday purchases, up from 38% last year, as 58% plan to spend over $250 despite inflation. ppc.land/credit-cards-now-domi #CreditCards #HolidaySpending #ConsumerTrends #TransUnion #FinancialPlanning

  18. Redefiniendo el crecimiento: cómo el mercado laboral costarricense está creando oportunidades inclusivas y de alto valor

    Redefiniendo el crecimiento: cómo el mercado laboral costarricense está creando oportunidades inclusivas y de alto valor
    San José, 26 nov (elmundo.cr) – El mercado laboral costarricense está experimentando una poderosa transformación. Lo que antes se medía principalmente en números [...]

    #CINDE #EconomíaYNegocios #GAM #MercadoLaboral #PIB #TransUnion

    elmundo.cr/economia-y-negocios

  19. Car Loan Delinquencies Hit Record For Riskiest Borrowers – Bloomberg.com

    Car Loan Delinquencies Hit Record For Riskiest Borrowers  Bloomberg.comAmericans Are More Upside Down on Car Loans Than Ever —…
    #NewsBeep #News #Economy #Amazon.comInc #Atlanta #Business #CA #Canada #economicgrowth #Elections #employment #FederalReserve #inflation #SEEM #TransUnion #Virginia #Wealth
    newsbeep.com/ca/278354/

  20. Another credit reporting agency breach, another terrible breach notification letter

    TransUnion is bad at security and bad at handling security breaches and none of this is going to get better until we have a real federal data privacy law with meaningful penalties for companies which leak people's data.
    #TransUnion #Cyberscout #infosec #privacy #dataBreach #TechIsShitDispatch
    blog.kamens.us/2025/09/25/anot

  21. Another credit reporting agency breach, another terrible breach notification letter

    TransUnion is bad at security and bad at handling security breaches and none of this is going to get better until we have a real federal data privacy law with meaningful penalties for companies which leak people's data.
    #TransUnion #Cyberscout #infosec #privacy #dataBreach #TechIsShitDispatch
    blog.kamens.us/2025/09/25/anot

  22. Another credit reporting agency breach, another terrible breach notification letter

    Recently, in the process of trying to temporarily unfreeze our credit reports so we could apply to something or other I don’t recall, we discovered that my wife’s TransUnion account was broken and inaccessible as a result of the most recent of a long string of changes TransUnion has made to their end-user-facing web apps. My wife had to spend a long time on the phone with TransUnion to get it fixed.

    This, of course, means that she was one of the victims of their recent SalesForce / Drift security breach.

    A few days ago, my wife received this letter from TransUnion (highlighting added by me; image follows, text is at the bottom of this blog posting, for those who need it):

    Let’s talk about all the ways this is terrible.

    First and foremost, of course, is the fact that this breach occurred in the first place. The credit reporting agencies have had breach after breach after breach, with no end in sight. It is patently obvious at this point that they aren’t and never will be secure enough until there are adequate financial incentives in place to make it more expensive to keep allowing these breaches to happen than it would be to do what it takes to prevent them.

    “But this one isn’t actually TransUnion’s fault, it’s SalesForce’s!” Nope. TransUnion is responsible for ensuring that the third-party vendors they use have adequate security. TransUnion is responsible for not outsourcing functions that cannot be adequately secured by third parties. TransUnion is ultimately responsible for the security of the data it holds.

    Moving on, look at the first heading I highlighted above, “What happened?” Now look at the text following it. There isn’t a single word about “what happened.” I only know it’s the SalesForce breach because I’m an information security professional who follows the news about stuff like this. The vast majority of the people who receive this letter will not have a clue how this happened. Putting the section header “What happened?” in your breach notification letter does not actually satisfy your obligation to tell victims what happened. YOU ACTUALLY HAVE TO TELL THEM WHAT HAPPENED.

    Similarly, look at the section headed “What we are doing.” Do you see any concrete information in that section about what they are doing to prevent similar breaches in the future? Of course not, it’s just meaningless generalizations and platitudes, because, as we all know, they are doing NOTHING. They will face no repercussions for the breach, it will barely make a blip in their profit, and nothing will change.

    Heck, they don’t even need to pay a third-party service to provide the fraud assistance and remediation service they’re offering to consumers who were impacted by this breach, because they’ve farmed out responsibility for that to a company they own. “You couldn’t trust us to keep your data safe, but you should trust us to help you deal with the fallout,” is certainly a thing a company can say, but whether anybody actually believes it is a different question entirely.

    TransUnion wants to tell us about “Steps You Can Take to Help Protect Your Personal Information.” Please forgive me for momentarily resorting to profanity as I say, hey, TransUnion, you can fuck off into the sun with that noise. This breach and what you are doing about it plainly demonstrates, for the nth time, that there is nothing anyone in the U.S. can do to adequately protect their personal information, short of dropping off the grid and living in a log cabin in the woods. Until we have meaningful federal data privacy laws (which remains unlikely to ever occur) with substantive penalties for companies failing to protect consumer data, this is going to keep happening, and there’s nothing we can do about it.

    Finally, I want to point out the absolutely amateurish formatting of this breach notification letter, which is in my opinion indicative of the competence (or lack of same) of the people managing this breach (and, therefore, of how important TransUnion really thinks it is to manage the breach competently):

    • As I’ve already mentioned, neither the “What happened?” nor “What are we doing.” sections contain the content they should.
    • “Notice of Data Incident” should be bold, or in a larger font, or both.
    • The leaked information also obviously included people’s names, but they don’t mention that in the “What information was involved?” section.
    • They wrote “8a.m.” without a space, followed immediately by “8 p.m.” with a space.
    • While we’re on the subject, when a time range is written out like that, it should use an en dash, not a hyphen.

    Are some of these minor, petty issues. Absolutely. But in my experience, “minor, petty issues” like this are a strong signal about a company’s overall competence. In other words, maybe these things don’t matter a lot, but they’re a pretty good indicator about the things that do.

    UPDATE: Cyberscout is just as bad at security as the rest of TransUnion

    The login process at Cyberscout, for accessing the free credit monitoring offered by TransUnion as a result of this breach, uses outdated practices:

    Everything about this is wrong:

    • “Update this frequently to keep your account secure” — No! We’ve known for decades that making people change passwords frequently reduces security rather than increasing it. NIST security standards specifically say not to do this.
    • Enforcing password quality by requiring specific character classes — No! There are better ways to enforce password quality without requiring arbitrary types of characters. NIST security standards specifically say not to do this.
    • Using security questions for backup authentication — No! This has never been secure and is even less so now that everybody’s data is out there thanks to the never-ending flow of security breaches. NIST security standards specifically say not to do this.

    They also only support emails, voice calls, and SMS for two-factor authentication:

    This is also no longer considered secure and is explicitly deprecated by NIST security standards.

    The security posture of any company which is still doing the above things in 2025, especially a company whose entire reason for existence is, ostensibly, cybersecurity and privacy, cannot be taken seriously.

    Here is the text of the letter pictured above:

    TransUnion Event
    c/o Cyberscout
    P.O. Box 1286
    Dearborn, MI 48120-9998

    [personal information elided]

    September 9, 2025
    Notice of Data Incident
    To [name elided]:
    We are writing to make you aware of recent unauthorized access to some of your personal data. We are providing details about the resources we are providing to assist you.
    What happened?
    We regret any concern caused by this incident and take seriously the responsibility to help secure consumer information. Below you will find information on what we have done to prevent further improper access, as well as steps you can take to help protect your personal information.
    What information was involved?
    The information was limited to specific data elements and did not include credit reports or core credit information. In your case, the information involved included your SSN and DOB.
    What we are doing.
    TransUnion takes the protection of personal information seriously, which is why we engage in robust, proactive security measures. We continue to enhance our security controls as appropriate to minimize the risk of any similar incident in the future.
    What you can do.
    In response to the incident, we are providing you with access to credit monitoring services that will alert you whenever there is a change to your credit file. We are offering these services at no charge for 42 months from the date you enroll.
    We are also providing you with proactive fraud assistance to help with any questions that you might have now or in the event that you become a victim of fraud. These services will be provided by Cyberscout, a TransUnion company specializing in fraud assistance and remediation services.
    If you have any questions about this matter or would like additional information, please refer to the enclosed Steps You Can Take to Help Protect Your Personal Information or call toll-free 1-800-516-4700. This call center is open Monday through Friday from 8a.m.-8 p.m. Eastern Time, except major holidays.
    Sincerely,
    TransUnion Consumer Relations

    #Cyberscout #dataBreach #infosec #privacy #TransUnion

  23. Another credit reporting agency breach, another terrible breach notification letter

    Recently, in the process of trying to temporarily unfreeze our credit reports so we could apply to something or other I don’t recall, we discovered that my wife’s TransUnion account was broken and inaccessible as a result of the most recent of a long string of changes TransUnion has made to their end-user-facing web apps. My wife had to spend a long time on the phone with TransUnion to get it fixed.

    This, of course, means that she was one of the victims of their recent SalesForce / Drift security breach.

    A few days ago, my wife received this letter from TransUnion (highlighting added by me; image follows, text is at the bottom of this blog posting, for those who need it):

    Let’s talk about all the ways this is terrible.

    First and foremost, of course, is the fact that this breach occurred in the first place. The credit reporting agencies have had breach after breach after breach, with no end in sight. It is patently obvious at this point that they aren’t and never will be secure enough until there are adequate financial incentives in place to make it more expensive to keep allowing these breaches to happen than it would be to do what it takes to prevent them.

    “But this one isn’t actually TransUnion’s fault, it’s SalesForce’s!” Nope. TransUnion is responsible for ensuring that the third-party vendors they use have adequate security. TransUnion is responsible for not outsourcing functions that cannot be adequately secured by third parties. TransUnion is ultimately responsible for the security of the data it holds.

    Moving on, look at the first heading I highlighted above, “What happened?” Now look at the text following it. There isn’t a single word about “what happened.” I only know it’s the SalesForce breach because I’m an information security professional who follows the news about stuff like this. The vast majority of the people who receive this letter will not have a clue how this happened. Putting the section header “What happened?” in your breach notification letter does not actually satisfy your obligation to tell victims what happened. YOU ACTUALLY HAVE TO TELL THEM WHAT HAPPENED.

    Similarly, look at the section headed “What we are doing.” Do you see any concrete information in that section about what they are doing to prevent similar breaches in the future? Of course not, it’s just meaningless generalizations and platitudes, because, as we all know, they are doing NOTHING. They will face no repercussions for the breach, it will barely make a blip in their profit, and nothing will change.

    Heck, they don’t even need to pay a third-party service to provide the fraud assistance and remediation service they’re offering to consumers who were impacted by this breach, because they’ve farmed out responsibility for that to a company they own. “You couldn’t trust us to keep your data safe, but you should trust us to help you deal with the fallout,” is certainly a thing a company can say, but whether anybody actually believes it is a different question entirely.

    TransUnion wants to tell us about “Steps You Can Take to Help Protect Your Personal Information.” Please forgive me for momentarily resorting to profanity as I say, hey, TransUnion, you can fuck off into the sun with that noise. This breach and what you are doing about it plainly demonstrates, for the nth time, that there is nothing anyone in the U.S. can do to adequately protect their personal information, short of dropping off the grid and living in a log cabin in the woods. Until we have meaningful federal data privacy laws (which remains unlikely to ever occur) with substantive penalties for companies failing to protect consumer data, this is going to keep happening, and there’s nothing we can do about it.

    Finally, I want to point out the absolutely amateurish formatting of this breach notification letter, which is in my opinion indicative of the competence (or lack of same) of the people managing this breach (and, therefore, of how important TransUnion really thinks it is to manage the breach competently):

    • As I’ve already mentioned, neither the “What happened?” nor “What are we doing.” sections contain the content they should.
    • “Notice of Data Incident” should be bold, or in a larger font, or both.
    • The leaked information also obviously included people’s names, but they don’t mention that in the “What information was involved?” section.
    • They wrote “8a.m.” without a space, followed immediately by “8 p.m.” with a space.
    • While we’re on the subject, when a time range is written out like that, it should use an en dash, not a hyphen.

    Are some of these minor, petty issues. Absolutely. But in my experience, “minor, petty issues” like this are a strong signal about a company’s overall competence. In other words, maybe these things don’t matter a lot, but they’re a pretty good indicator about the things that do.

    UPDATE: Cyberscout is just as bad at security as the rest of TransUnion

    The login process at Cyberscout, for accessing the free credit monitoring offered by TransUnion as a result of this breach, uses outdated practices:

    Everything about this is wrong:

    • “Update this frequently to keep your account secure” — No! We’ve known for decades that making people change passwords frequently reduces security rather than increasing it. NIST security standards specifically say not to do this.
    • Enforcing password quality by requiring specific character classes — No! There are better ways to enforce password quality without requiring arbitrary types of characters. NIST security standards specifically say not to do this.
    • Using security questions for backup authentication — No! This has never been secure and is even less so now that everybody’s data is out there thanks to the never-ending flow of security breaches. NIST security standards specifically say not to do this.

    They also only support emails, voice calls, and SMS for two-factor authentication:

    This is also no longer considered secure and is explicitly deprecated by NIST security standards.

    The security posture of any company which is still doing the above things in 2025, especially a company whose entire reason for existence is, ostensibly, cybersecurity and privacy, cannot be taken seriously.

    Here is the text of the letter pictured above:

    TransUnion Event
    c/o Cyberscout
    P.O. Box 1286
    Dearborn, MI 48120-9998

    [personal information elided]

    September 9, 2025
    Notice of Data Incident
    To [name elided]:
    We are writing to make you aware of recent unauthorized access to some of your personal data. We are providing details about the resources we are providing to assist you.
    What happened?
    We regret any concern caused by this incident and take seriously the responsibility to help secure consumer information. Below you will find information on what we have done to prevent further improper access, as well as steps you can take to help protect your personal information.
    What information was involved?
    The information was limited to specific data elements and did not include credit reports or core credit information. In your case, the information involved included your SSN and DOB.
    What we are doing.
    TransUnion takes the protection of personal information seriously, which is why we engage in robust, proactive security measures. We continue to enhance our security controls as appropriate to minimize the risk of any similar incident in the future.
    What you can do.
    In response to the incident, we are providing you with access to credit monitoring services that will alert you whenever there is a change to your credit file. We are offering these services at no charge for 42 months from the date you enroll.
    We are also providing you with proactive fraud assistance to help with any questions that you might have now or in the event that you become a victim of fraud. These services will be provided by Cyberscout, a TransUnion company specializing in fraud assistance and remediation services.
    If you have any questions about this matter or would like additional information, please refer to the enclosed Steps You Can Take to Help Protect Your Personal Information or call toll-free 1-800-516-4700. This call center is open Monday through Friday from 8a.m.-8 p.m. Eastern Time, except major holidays.
    Sincerely,
    TransUnion Consumer Relations

    #Cyberscout #dataBreach #infosec #privacy #TransUnion

  24. Massive TransUnion breach leaks personal data of 4.4 million customers - what to do now zdnet.com/article/massive-tran by @sjvn

    Do yourself a favor and freeze your credit not only at #TransUnion, but also at all three major credit reporting agencies.

  25. Massive TransUnion breach leaks personal data of 4.4 million customers - what to do now zdnet.com/article/massive-tran by @sjvn

    Do yourself a favor and freeze your credit not only at #TransUnion, but also at all three major credit reporting agencies.

  26. Credit giant #TransUnion confirms 3rd-party cyberattack allowing attackers to steal names, birth dates, phone numbers and Social Security numbers of 4.4 million US consumers.

    Read: hackread.com/transunion-data-b

    #CyberSecurity #Salesforce #DataBreach #CyberAttack

  27. Credit giant confirms 3rd-party cyberattack allowing attackers to steal names, birth dates, phone numbers and Social Security numbers of 4.4 million US consumers.

    Read: hackread.com/transunion-data-b

  28. I think people forget, or never knew, just how many third parties have access to their credit information and profiles which include far more than just your scores. #privacy #transunion techcrunch.com/2025/08/28/tran