MoneyGram Payment Systems, Inc. confirmed that hackers accessed and stole sensitive customer data, including personal information and transaction details.
The breach occurred between September 20 and 22, 2024, and was discovered on September 27, 2024.
The stolen data includes a wide range of personal and financial information, such as names, phone numbers, email, and postal addresses, dates of birth, Social Security numbers, government-issued identification documents (like driver’s licenses), utility bills, bank account numbers, MoneyGram Plus Rewards numbers, and transaction information (including dates and amounts of transactions).
Additionally, criminal investigation information (such as fraud) was also compromised for a limited number of consumers.
Upon detecting the issue, MoneyGram took immediate action to contain and remediate the breach, including taking certain systems offline, which temporarily impacted the availability of their services.
Analyse Any Suspicious Links Using ANY.RUN’s New Safe Browsing Tool: Try for Free
The company launched an investigation with the assistance of leading external cybersecurity experts and has been coordinating with law enforcement.
MoneyGram has assured that its systems are back online and normal business operations have resumed. However, the company recommends that customers remain vigilant for incidents of fraud and identity theft by reviewing account statements and monitoring free credit reports.
Furthermore, MoneyGram has arranged to offer affected U.S. consumers identity protection and credit monitoring services for two years at no cost.
The company emphasizes the importance of protecting personal information and encourages customers to remain alert for unsolicited communications involving their personal data.
The incident highlights the ongoing threat of cyberattacks on financial institutions and the need for robust cybersecurity measures to protect sensitive customer data.
MoneyGram’s response to the breach, including their cooperation with law enforcement and provision of identity protection services, underscores their commitment to safeguarding customer information.
Strategies to Protect Websites & APIs from Malware Attack => Free Webinar