The cybercriminal named USDoD, who recently joined the group RansomedVC, has reportedly exposed sensitive data purportedly obtained from TransUnion, a prominent credit reporting agency.
The compromised database resulting from the TransUnion cyber attack included a wealth of information, encompassing customer names, passport data, loan balances, and more.
USDoD, who claims no affiliation with Russia, asserted possession of a substantial data haul exceeding 3GB, allegedly extracted from the TransUnion cyber attack.
TransUnion Cyber Attack: What We Know So Far!
“The database appears to be compromised on March 2nd, 2022,” tweeted VX-Underground, a firm that manages one of the largest malware repositories.
USDoD managed to pilfer the sensitive data of nearly 58,505 individuals from the TransUnion cyber attack.
TransUnion handles information of over one billion individuals belonging to over 30 countries. It offers services including however not limited to credit protection, credit score, credit report, and identity theft solutions.
After learning about the data leak TransUnion, a Twitter user expressed their privacy concern by writing, “…What happens when the company whose services include identity theft protection, by notifying you when changes are made to your credit, are themselves breached and can result in identity theft and changes to one’s credit rating?”
Besides the above-mentioned data, USDoD also claimed to possess the following information, reportedly sourced from the TransUnion cyber attack–
- Internal TransUnion identifiers
- Gender
- Place and date of birth
- Civil status (argued to be marital status)
- Age
- Current employer
- Employer information
- Financial transaction summary
- Credit score
- Loans taken
- Company giving the loan
- Earlier records of TransUnion monitoring client data
Falcon Feeds, a Threat Intelligence platform tweeted the above screenshot from the Breach Forum of USDoD posting about the cyber attack on TransUnion. The post was titled, “TransUnion Data Breach feat- I’m Not Pro-Russian and I’m Not a Terrorist!”
USDoD wrote that the data breach of TransUnion was launched by them and the RansomedVC group, which they recently joined.
However, Dominic Alvieri tweeted about the latest update on the collaboration of the two being dissolved.
Dominic wrote, “USDoD has now left the group & solo.” This news was further confirmed by the last few sentences written by USDoD on the TransUnion data breach post.
They wrote, “Thanks for the ride and good luck in your business ransomed.”
Dominic Alvieri earlier tweeted that the RansomedVC group was banned from Telegram after which they opened an account on Twitter/ X. The TransUnion ransomware attack was likely the last breach by RansomedVC and USDoD together.
USDoD leaked sensitive data from the Airbus cyber attack last week. The cybercriminal stole names, addresses, and other data and posted publicly on the breach forum.
Airbus, which is a global leader in commercial aircraft and serves the defence agencies with Aviation and Aerospace components replied to The Cyber Express by email.
They wrote, “We are investigating information concerning a cyber event involving Airbus. As a major high-tech and industrial player, Airbus is also a target for malicious actors.”
What We Know about USDoD
In a recent interview with Databreaches, it was noted that USDoD is a man in his mid 30s. He is in a relationship with a doctor and she is aware of his cybercrime activities, according to the interview. He was born in South America, moved to Portugal, and presently lives in Spain.
He speaks English, German, and Portuguese and is learning the Russian language. USDoD started hacking in 1999 when he was 11 years old after joining a gaming company in Brazil. He took down a pedophile using his skills.
A moderator of that community who was also a developer for r3x software led USDoD to get better at hacking and other activities. He continued learning how to launch cyber attacks by trying it on local labs and other websites.
USDoD said that they prefer hacking small and unknown companies. However, they have claimed data leaks of Airbus, and the FBI.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
