MoneyGram now says customer data was impacted in security incident

MoneyGram
(Image credit: MoneyGram)

MoneyGram has confirmed it did lose sensitive customer data in the recent cyberattack against its business.

In a data breach notification letter sent to affected customers and published on the company’s website, hackers were able to access MoneyGram’s networks for two days, between September 20 and September 22.

During that time, they exfiltrated people’s names, phone numbers, email addresses, postal addresses, dates of birth, Social Security Numbers, copies of government-issued documents (for example, driver’s licenses), miscellaneous identification documents (utility bills, and such), bank account numbers, MoneyGram Plus Rewards numbers, transaction information (dates, amounts, and more), and criminal investigation information (such as fraud).

Not a ransomware attack

That’s more than enough for phishing, identity theft, and even wire fraud. At this time, we don’t know how many people are affected by this incident, but we do know that the type of information stolen varies from person to person.

MoneyGram is a global money transfer and payment services company that enables individuals and businesses to send and receive funds internationally. It offers services including peer-to-peer money transfers, bill payments, and money orders, with operations in over 200 countries and territories.

On September 20, its customers took to social media (X, Facebook, Reddit) to complain about services not working properly, the website being offline, and other worries. Three days later, the company responded to the claims, saying it was experiencing a network outage, and later confirmed it suffered a “cybersecurity issue.” In response to this issue, MoneyGram shut down parts of its IT systems, including both online and in-person transactions.

This led to the media, and customers, speculating that MoneyGram had suffered a ransomware attack, even though no threat actors claimed responsibility - but days later, the company sent a letter to its stakeholders to confirm that this was not the case.

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.