MoneyGram has confirmed a significant data breach that compromised the personal and transactional data of its customers following a cyberattack in September 2024. The breach occurred between September 20 and 22, 2024, causing a week-long outage that disrupted access to the company’s website and app services. The incident was discovered on September 27, 2024, sparking an immediate investigation into the scope of the damage.
Stolen Data: Sensitive Information Compromised
The cyberattack led to the theft of highly sensitive customer information, including:
- Names
- Phone numbers
- Email addresses
- Dates of birth
- Social Security numbers (in some cases)
- Government identification documents
- Postal addresses
- Bank account numbers
- MoneyGram Plus Rewards numbers
In addition to these personal details, transaction information, such as dates and amounts, was also compromised. With MoneyGram serving more than 50 million people annually across over 200 countries, the potential scale of the breach could be vast, although the company has yet to disclose the exact number of affected customers.
SEE ALSO: MoneyGram Faces Days-Long Outage Due to Cybersecurity Incident
MoneyGram’s Response and Investigation
MoneyGram responded quickly by taking certain systems offline in an attempt to contain the breach, which led to temporary service disruptions. The company is now working with external cybersecurity experts to investigate the full extent of the breach and collaborating with law enforcement agencies to trace the attackers.
A spokesperson for MoneyGram, Sydney Schoolfield, declined to provide additional details, but the company’s official statement suggests they are still assessing the breach’s full scope. In compliance with legal obligations, MoneyGram has already notified data protection regulators in the United Kingdom, acknowledging the potential international impact of the incident.
Customer Advisory and Ongoing Investigation
As part of its efforts to manage the fallout from the breach, MoneyGram has advised affected customers to remain vigilant against fraud and identity theft. Customers are encouraged to:
- Review account statements
- Monitor credit reports
- Watch for any suspicious activity
Despite these advisory measures, MoneyGram has not yet revealed the exact method of the attack or the vulnerabilities exploited. The investigation remains ongoing, with the company working to understand how hackers were able to breach its systems.
Growing Cybersecurity Threats
This breach is another reminder of the growing cybersecurity risks facing global financial services companies. MoneyGram’s extensive customer base and international presence make it a particularly attractive target for cybercriminals, raising concerns over the adequacy of its security measures. As cyberattacks on financial institutions increase, companies like MoneyGram are under mounting pressure to fortify their defenses against ever-evolving threats.
MoneyGram’s customers now face the difficult task of safeguarding their information and taking appropriate steps to mitigate the risk of identity theft and fraud in the wake of the breach. As the investigation progresses, further details on the attack may shed light on the steps the company and others in the industry need to take to better protect sensitive customer data.