Hackers are demanding a ransom of $15 million for the return of 54 million customer records that were stolen from a server run by the credit bureau TransUnion in South Africa.
TransUnion reports that the cybercriminals were able to access sensitive data by exploiting the compromised credentials of one of the company’s clients. The hacking group behind the attack claims the data downloaded was secured with a password of “password.”
The exposed data may contain personal information, including telephone numbers, email addresses, identity numbers, physical addresses, and some credit scores.
The group responsible, known as N4aughtysecTU, is insisting on $15 million worth of cryptocurrency for the safe return of the stolen files. In response to the breach, TransUnion has temporarily taken some of its infrastructure offline and enlisted external experts to investigate the situation.
In a controversial move, TransUnion has stated that customers affected by this incident will be offered a complimentary annual subscription to its TrueIdentity identity protection service.