MoneyGram recently confirmed that a cyberattack in September led to the theft of customers’ personal and transaction data. The breach caused a five-day system outage, preventing users from accessing or sending money.
The company initially detected the attack on September 27, 2024, prompting them to shut down their IT systems. However, MoneyGram now reveals that the hackers had access to their network earlier, between September 20 and 22. During this time, the attackers managed to steal sensitive customer information, such as transaction details, email addresses, phone numbers, utility bills, government IDs, and even Social Security numbers.
The extent of the stolen data varies from one customer to another, as confirmed in their official breach notification. Some affected individuals may also have had their bank account numbers, MoneyGram Plus Rewards information, and criminal investigation details exposed.
The breach was initially reported by BleepingComputer, which noted that the hackers gained access through a social engineering attack, impersonating an employee to infiltrate MoneyGram’s IT help desk. The attackers then targeted the company’s Windows Active Directory services to steal employee data.
CrowdStrike is assisting in the investigation, but the identity of the attackers remains unknown, and MoneyGram confirmed that it wasn’t a ransomware attack.
