MoneyGram says no evidence ransomware is behind recent cyberattack

MoneyGram
(Image credit: MoneyGram)

Two weeks after suffering a cyberattack and shutting down parts of its infrastructure, MoneyGram has revealed more details on the incident, confirming that, contrary to what many speculated, this was not a ransomware attack.

A letter sent to stakeholders in late September 2024 seen by BleepingComputer, explains MoneyGram called in CrowdStrike, law enforcement, and other cybersecurity professionals, to investigate the matter, and the conclusion was - this was no ransomware attack:

"After working with leading external cybersecurity experts, including CrowdStrike, and coordinating with U.S. law enforcement, the majority of our systems are now operational, and we have resumed money transfer services," the email allegedly reads. "We recognize the importance of system security as we take these actions. We restored our systems only after taking extensive precautionary measures. At this time, we have no evidence that this issue involves ransomware nor do we have any reason to believe that this has impacted our agents' systems."

No evidence of ransomware

MoneyGram is a global money transfer and payment services company that enables individuals and businesses to send and receive funds internationally. It offers services including peer-to-peer money transfers, bill payments, and money orders, with operations in over 200 countries and territories.

On September 20, its customers took to social media (X, Facebook, Reddit) to complain about services not working properly, the website being offline, and other worries. Three days later, the company responded to the claims, saying it was experiencing a network outage, and later confirmed it suffered a “cybersecurity issue.” In response to this issue, MoneyGram shut down parts of its IT systems, including both online and in-person transactions.

This led to the media, and customers, speculating that MoneyGram had suffered a ransomware attack, even though no threat actors claimed to be responsible for the attack.

Money transfer services are back online, MoneyGram concluded.

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.