Skip to main content

Data Security

The security and protection of consumer information is the highest priority for TransUnion.

Data Security

The security and protection of consumer information is the highest priority for TransUnion.

Our Security

Data security and stewardship is vital to consumer protection and enabling trust. At TransUnion, we continually invest in improvements to protect the data we hold on behalf of consumers and businesses.

To maintain a comprehensive information security program consistent to our size and complexity, we secure and protect the information entrusted to us by building, monitoring and defending security ecosystem  built on a foundation of compliance and accountability. We proactively manage our programs and continuously invest to secure the data we hold on behalf of consumers and businesses.

Our Strategy, Plans and Programs

The priorities of TransUnion’s information security program are:

  • Decrease targets for our adversaries while ensuring no asset is hidden from our security teams
  • Take a proactive security stance by searching for threats and risk inducing points in our enterprise
  • Lead the industry in defining security standards and grow consumer trust
  • Reduce our threat exposure by focusing where exploitation is more likely and consequential

Information Security Compliance and Regulations

TransUnion is committed to aligning with industry-leading, cyber risk management best practices, and complying with all legal and regulatory requirements. Our information security program is fundamentally based on ISO\IEC 27001:2013; it includes a global-level Information Security Department that develops the company’s security policies, standards and procedures. This department centrally administers security on the major corporate platforms, and oversees the administration of other systems and platforms. Additionally, TransUnion maintains several information security certifications annually, including Payment Card Industry (PCI), SSAE 18 SOC II Type II and ISO 27001.

To maintain certifications and align with best practices, we conduct regular cybersecurity-related audits and assessments both internally and externally. Our internal and external independent security audits and assessments are conducted at least annually. Continuously and successfully completing these industry certifications demonstrates TransUnion’s commitment to security and adherence to industry expected benchmarks.

For more details on information security, please refer to our 2022 Sustainability Report.