Speaker, Author, Consultant, Fraud Examiner

You may remember me writing about the Equifax breach back in 2017. Or the Experian incident. Or the AT&T data compromise last year, which exposed Social Security numbers and other very personal data. Well — now it’s TransUnion’s turn. On July 28, 2025, more than 4.4 million people had their personal information exposed in yet another breach.

This isn’t just news.

It’s a reminder: no matter how tech evolves or regulations strengthen, data is fragile. Once exposed, it never truly un-exposes.

What Was Exposed & How Bad Is It

The TransUnion breach reportedly exposed names, addresses, Social Security numbers, and other personally identifiable information (PII). Because Social Security numbers are permanent, this kind of breach carries long-term risk.

Compare that with past breaches:

  • In Equifax (2017), tens of millions had their SSNs and personal data leaked.

  • Experian’s glitch (2022) home address / PII exposures.

  • AT&T’s breach last year included SSNs and other personal info.

Each breach had its own nuances, but the pattern’s consistent: exposure of Permanent identifiers, exposure of data that can’t be taken back once leaked.

The Risks You Face

When your SSN or other PII gets exposed:

  • Identity theft (opening of accounts in your name)

  • Tax fraud (filing in your name)

  • Phishing / spear-phishing attacks

  • Difficulty correcting issues (once your info is duplicated or misused)

In short: there’s no “undo” button once the data is out.

What You Should Do Now

Here are steps I strongly recommend everyone take—now:

  1. Check if you’re affected. TransUnion typically has some sort of notification or look-up service.

  2. Monitor credit reports from all three credit bureaus. You’re entitled to a free one from each annually (or more, in response to a breach).

  3. Freeze your credit at all 3 bureaus. Freezing your credit prevents new lines of credit in your name. Keep it frozen always. It is easy to unfreeze to buy a car, get a new credit card, etc. but then refreeze it again. Always.

  4. Use identity monitoring tools. Many credit card companies flag suspicious activity tied to your SSN. Pay attention.

  5. Change passwords and enable two-factor authentication (2FA). For all your financial accounts, email, etc.

  6. Check past documents and mail. Some of your SSNs or personal data might be in old tax returns, medical files, business records—make sure those are stored securely or shredded. I shred anything that has personal inf on it, including prescription receipts, etc.

For Businesses & Professionals

  • If you handle client or patient data (PRACTICES, CPAs, consultants), review your data security policies.

  • Limit how much patient PII you collect/retain.

  • Regularly audit who has access to sensitive data.

  • Use encryption for storage & transit.

  • Stay aware of legal obligations (HIPAA, state laws, etc.).

Closing Thought

We can’t prevent every breach. But what we can control is how we respond. If TransUnion has shown us anything, it’s that no one is immune. What matters is whether you take action—fast.

Be proactive. Check your credit. Secure your information. Talk to your family or staff about this.

Because when it comes to your identity, prevention isn’t optional—it’s essential.