MoneyGram, the U.S. money transfer giant, has confirmed a cyberattack that led to the theft of sensitive customer information. The MoneyGram cyberattack, which occurred on September 20, 2024, has raised concerns among the millions of consumers who rely on the company for secure money transfers.
In a public statement released on October 7, MoneyGram acknowledged that an unauthorized third party had accessed and acquired personal data from its systems. The nature of the cyberattack on MoneyGram remains unclear, but it caused a week-long disruption, forcing the company to take its website and mobile app offline to address the breach.
Details of the MoneyGram Cyberattack
The MoneyGram data breach was identified on September 27, when the company confirmed that hackers accessed customer information between September 20 and 22. The affected data includes a variety of sensitive details, such as customer names, phone numbers, email addresses, and dates of birth.
In some instances, a limited number of Social Security numbers were also compromised. Moreover, the breach included government-issued identification documents, like driver’s licenses and utility bills, as well as bank account numbers and MoneyGram Plus Rewards numbers.
The company stated, “The types of impacted information varied by affected individual,” suggesting that not all customers faced the same level of risk. Additionally, the stolen data encompassed transaction details, including dates and amounts, and for a limited number of consumers, even information related to criminal investigations, such as fraud.
In response to the breach, MoneyGram has taken immediate steps to contain the issue. The company temporarily took certain systems offline to mitigate any further risks, an action that directly impacted its service availability. They have since resumed normal business operations and are working alongside leading external cybersecurity experts to investigate the breach. The company has also coordinated with law enforcement to aid in the investigation.
Customer Precautions Following the MoneyGram Data Breach
Recognizing the potential for fraud and identity theft, MoneyGram has urged its customers to remain vigilant. They recommend that consumers review their account statements regularly and monitor their credit reports for any unusual activity. Under U.S. law, residents are entitled to one free credit report annually from each of the three major consumer reporting agencies. MoneyGram has provided resources for customers to access these reports, highlighting the importance of staying informed.
To further support those affected, MoneyGram has arranged for identity protection and credit monitoring services for two years at no cost to impacted U.S. consumers. This proactive measure aims to help mitigate the risks associated with the stolen data.
With over 50 million customers in more than 200 countries and territories, MoneyGram has reiterated its commitment to maintaining the security of customer data. The company expressed regret over the inconvenience this incident may have caused and emphasized that safeguarding consumer information is of utmost importance.
In the notice sent to consumers, MoneyGram stated, “We regret any inconvenience this issue may have caused,” and encouraged affected individuals to contact their support line for more information or assistance regarding the breach.