MoneyGram confirms data breach affecting millions of customers
MoneyGram, a leading US-based money transfer company, has confirmed that a cyberattack last month led to the theft of its customers' personal information and transaction data. The breach, which happened on September 20, saw an unauthorized third party gaining access to customer data. It triggered a week-long outage that took both the company's website and app offline.
Investigation into the breach is ongoing
MoneyGram, which caters to over 50 million people across 200+ countries and territories every year, is investigating the breach. The company's spokesperson, Sydney Schoolfield, did not share anything more than the official statement. The investigation is still in its early stages with efforts underway to determine which customers were affected by this issue.
Extent of stolen data
The data compromised in the breach includes names, mobile numbers, postal and email addresses, dates of birth, and national identification numbers. A "limited number" of Social Security numbers and government identification documents were also stolen. These documents include driver's licenses and other documents containing personal information such as utility bills and bank account numbers. The types of stolen data will vary by individual according to MoneyGram's statement.
Transaction information and criminal investigation data compromised
Along with personal information, the cyberattack also compromised transaction data like dates and amounts of transactions. For a "limited number of consumers," criminal investigation information related to fraud was also accessed. MoneyGram has reported the data breach to UK's data protection regulators as mandated by UK law.
