MoneyGram Confirms Cyberattack Resulted in Customer Data Breach

• Money transfer giant MoneyGram revealed the recent cyberattack that crippled its systems in September, resulting in a customer data leak.
• Personal information and transaction customer information were stolen from the company.
• MoneyGram clients are advised to stay vigilant against possible fraud tentatives.

Prominent U.S. money transfer giant MoneyGram confirmed that the cyberattack it suffered last month resulted in the unauthorized access and exfiltration of sensitive customer data. The breach, which occurred on September 20, led to a week-long outage affecting the company's website and app.

MoneyGram disclosed that the hackers accessed personal information and transaction data belonging to its vast customer base. The compromised data includes names, phone numbers, postal and email addresses, dates of birth, and national identification numbers.

Additionally, a limited number of Social Security numbers and government identification documents, such as driver’s licenses, were also accessed. Transaction details, including dates and amounts, alongside criminal investigation information, were part of the stolen data set for a select number of consumers.

MoneyGram, serving over 50 million people across more than 200 countries and territories annually, is currently in the preliminary stages of its investigation. In alignment with regulatory obligations, MoneyGram has notified U.K. data protection authorities of the breach.

The company is working to ascertain the full extent of the breach and identify the consumers affected. However, the precise number of customers impacted remains undisclosed at this juncture.

Meanwhile, customers are urged to review their financial statements and credit reports regularly and report any suspicious activity to the proper authorities.

In other news, the February data breach that hit debt collection agency Financial Business and Consumer Solutions also impacted more than 237,000 Comcast customers, and a data breach detected on September 24 involving a zero-day exploit traced to ScienceLogic's SL1 software affected American cloud computing giant Rackspace.