MoneyGram, a global money transfer service, recently announced a data breach that compromised sensitive customer information. The breach, which occurred between September 20th and 22nd, 2024, disrupted transactions for five days. According to MoneyGram’s official statement, the hackers had already gained access to their network before the company was aware of the intrusion.
The cyberattack initially targeted the Windows Active Directory system, allowing unauthorized access to a range of personal data. Compromised information included customer names, contact details (phone numbers, email and postal addresses), dates of birth, and in some cases, Social Security numbers. Additionally, copies of government-issued IDs (such as driver’s licenses), other identifying documents (like utility bills), bank account numbers, MoneyGram Plus Rewards numbers, and transaction details (dates and amounts) were also exposed. A limited number of customers also had criminal investigation information, such as fraud records, compromised.
The company has notified all affected individuals, although the specific type and extent of data stolen vary per customer. While MoneyGram has not disclosed the total number of affected users, they are actively investigating the incident with assistance from cybersecurity firm CrowdStrike. It’s been confirmed that the attack was not ransomware-related, and no group has yet claimed responsibility. Further details are expected to be released soon.
The data breach impacted MoneyGram’s operations, halting transactions for five days. The company emphasizes that hackers had infiltrated the system before the breach was detected, highlighting the sophisticated nature of the attack.
MoneyGram is urging customers to remain vigilant against potential fraud and identity theft. The company recommends reviewing account statements and monitoring credit reports. U.S. customers are reminded of their right to one free annual credit report from each of the three nationwide consumer reporting agencies. This allows individuals to proactively check for any unauthorized activity and take necessary steps to protect their financial information.
MoneyGram has reiterated its commitment to cooperating with authorities and enhancing its security measures to prevent future incidents. The company’s ongoing investigation, in collaboration with CrowdStrike, aims to uncover the full extent of the breach and identify the perpetrators.
For those affected, MoneyGram advises contacting the relevant credit reporting agencies and monitoring accounts for suspicious transactions. Staying informed and proactive is crucial in mitigating the risks associated with data breaches.
