An unauthorized person was able to gain access to a TransUnion Canada web portal and use it to pull consumer credit files. This was done by using credentials stolen from a customer who had access to the portal. This is not a data breach, but it is still concerning as they would have been able to query for a consumer’s credit file. The information exposed in this security incident could easily be used by the attacker for identity theft, it is strongly recommended that all affected users monitor their credit history for fraudulent activity or new unauthorized lines of credit.
Source: https://www.bleepingcomputer.com/news/security/credit-info-exposed-in-transunion-data-security-incident/