A desktop computer stolen last month from one of the nation's three major credit bureaus contained Social Security numbers and other credit information for as many as 3,600 people, the company confirmed Friday.
TransUnion LLC, which along with Equifax Inc. and Experian Information Solutions checks consumers' credit on behalf of banks and other lenders, acknowledged the security breach after it was first reported last week by the Privacy Times newsletter.
The Chicago-based firm said consumers who may have been affected were notified last month following the early October burglary of a small TransUnion sales office in California. They were offered a year of free credit monitoring and the ability to place a fraud alert on their files.
Spokeswoman Colleen Tunney said the computer was password-protected and was only one of the items stolen, suggesting the credit information was not the target of the burglary. She said TransUnion notified police and has been monitoring the credit reports of the affected consumers closely since.
"At this point we do not believe there is any indication of any fraudulent activity," she said.
Legislation pending in Congress would require companies to inform people if their personal information were compromised.
The data industry prefers a version requiring that people be notified only if a company decides there is a substantial risk that a breach would result in fraud or identity theft.