American peer-to-peer payments and money transfer company MoneyGram confirmed on September 21, 2024 that a cyberattack caused its services to become unavailable. The company has taken some of its systems offline since September 20 to contain the attack, and services were fully restore on September 26.
MoneyGram now confirms on its web site that the cyberattack exposed customer data, including customer name, contact info (such as phone numbers, email and postal addresses), dates of birth, government IDs, Social Security numbers, and transaction details:
“The impacted information included certain affected consumer names, contact information (such as phone numbers, email and postal addresses), dates of birth, a limited number of Social Security numbers, copies of government-issued identification documents (such as driver’s licenses), other identification documents (such as utility bills), bank account numbers, MoneyGram Plus Rewards numbers, transaction information (such as dates and amounts of transactions) and, for a limited number of consumers, criminal investigation information (such as fraud). The types of impacted information varied by affected individual.”
The company said it is proactively working to contain and remediate the attack with the help of external cybersecurity experts. The company already notified law enforcement about the data breach.
Read more about it here.