MoneyGram, a prominent money transfer service in the United States, faced a cyberattack on September 20, 2024, resulting in the unauthorized access and theft of sensitive customer information. This incident has raised concerns among the millions of individuals who rely on MoneyGram for secure and reliable money transfers.
In a public statement released on October 7, MoneyGram confirmed that hackers had breached their systems and obtained personal data belonging to their customers. The exact nature of the cyberattack remains unclear, but it prompted the company to take its website and mobile app offline for a week to address the security breach.
The data breach at MoneyGram was identified on September 27 when the company discovered that hackers had accessed customer information between September 20 and 22. The stolen data included a range of sensitive details such as customer names, phone numbers, email addresses, dates of birth, and, in some cases, a limited number of Social Security numbers. Additionally, government-issued identification documents like driver’s licenses and utility bills, along with bank account numbers and MoneyGram Plus Rewards numbers, were compromised.
The company acknowledged that the extent of the information accessed varied by individual, indicating that not all customers faced the same level of risk. The stolen data also encompassed transaction details, dates, and amounts, and for a select few, information related to criminal investigations like fraud.
MoneyGram responded promptly to the breach by taking necessary steps to contain the issue. Certain systems were temporarily taken offline to mitigate further risks, impacting the availability of their services. The company has since resumed normal operations and is collaborating with leading cybersecurity experts to investigate the breach. Law enforcement agencies have also been engaged to assist in the ongoing investigation.
Following the data breach, MoneyGram urged its customers to exercise caution and vigilance to prevent potential fraud and identity theft. Customers were advised to monitor their account statements regularly and review their credit reports for any suspicious activity. The company provided resources for customers to access free credit reports, emphasizing the importance of staying informed about their financial information.
To support affected individuals, MoneyGram arranged for identity protection and credit monitoring services for two years at no cost to impacted U.S. consumers. This proactive measure aims to mitigate the risks associated with the stolen data and provide additional security measures for those affected.
With a customer base exceeding 50 million across over 200 countries and territories, MoneyGram reaffirmed its commitment to prioritizing customer data security. The company expressed regret over any inconvenience caused by the breach and emphasized the significance of safeguarding consumer information.
In a notice to consumers, MoneyGram expressed regret for the incident and encouraged affected individuals to reach out to their support line for more information or assistance regarding the data breach. The company remains dedicated to addressing the aftermath of the cyberattack and ensuring the security of its customers’ information.