All active MDLs
MDL 3170Data Privacy & Security

Trans Union, LLC, Customer Data Security Breach Litigation

The technical causation involves the exploitation of OAuth tokens via social engineering or security lapses, leading to unauthorized access to sensitive PII. The compromised data enables identity theft and fraud through synthetic identities, account takeovers, and false filings. Legally, courts assess whether the breach was a proximate cause of the injuries, considering foreseeability and direct causation, as seen in cases like Target and Equifax breaches.

ILNSr. District Judge Robert W. GettlemanMaster docket 1:25-cv-10320Source: JPML · Updated June 1, 2026

63

Pending actions

67

Total actions filed

Active

Status

12/16/2025

Established

Who qualifies

Plaintiffs must demonstrate that their personally identifiable information (PII) was compromised due to the breach and that this breach directly caused their injuries, such as identity theft or financial loss. The injuries must be a foreseeable consequence of the breach, with plaintiffs providing evidence of actual harm or increased risk of harm.

Products involved

  • TransUnion consumer data systems

Alleged injuries

  • identity theft
  • fraud
  • financial loss
  • emotional distress

This page is generated from the official JPML pending-MDL report and public court records, refreshed monthly. It is provided for attorney reference and is not legal advice.

MDL Match

Your next intake could have a mass tort hiding in it.

Screen it against 158+ active MDLs. Takes under 60 seconds.

Start matching now