MoneyGram confirmed on Monday that it had been the target of a cyberattack, which resulted in an unauthorized party gaining access to the company’s internal systems.
It’s not clear how many MoneyGram customers are affected. According to the company’s website, MoneyGram has more than 150 million customers in 200 countries and regions.
MoneyGram notified customers about the data breach on its website, explaining that the affected information will be different for each customer.
The types of customer data stolen in the hack include names, home addresses, phone numbers, email addresses, birthdays, Social Security numbers, bank account numbers, MoneyGram Plus Rewards numbers, and transaction information.
Prime Day deals you can shop now
The products available for purchase here through affiliate links are selected by our merchandising team. If you buy something through the links on our site, Mashable may earn an affiliate commission.
In addition, copies of ID cards, such as driver’s licenses as well as other identity documents such as copies of utility bills were also taken. For a “limited number of consumers,” criminal investigation information was also taken into the cybersecurity incident, MoneyGram said.
Speed of light mashable
The MoneyGram data breach is the latest theft of customer data
MoneyGram first became aware of the unauthorized access to its internal systems on September 27, 2024 and proceeded to temporarily shut down the affected systems.
“Upon discovering the issue, we took steps to contain and address it, including proactively shutting down certain systems, which temporarily impacted the availability of our services,” MoneyGram said in a statement.
After a subsequent investigation, the company stated that the hack occurred between September 20 and 22.
Just yesterday, Mashable reported on a data breach affecting Comcast customers. However, in this cybersecurity incident, Comcast customers’ data was taken via a data breach at a third-party data collection company. The MoneyGram data breach is the result of a direct hack of the money transfer company itself.
According to a BleepingComputer report, the cybersecurity incident at MoneyGram was the result of a social engineering attack on its IT help desk. A hacker allegedly impersonated an employee and gained access to the company’s network. MoneyGram has not yet shared details of the incident. However, the company has confirmed that this is not a ransomware attack.
Due to the breach, MoneyGram will provide affected customers with two years of identity protection and credit monitoring services free of charge.
