Summary
MoneyGram has experienced a significant data breach that exposed sensitive customer information, including Social Security numbers, bank account details, and personal identification documents. The breach occurred between September 20 and 22, 2024, and was detected on September 27, prompting the company to shut down certain services temporarily.
The cyberattack has raised concerns about the security of customer data within financial services. Hackers accessed MoneyGram’s systems through a social engineering attack, targeting its IT help desk. The stolen data varies among affected individuals, encompassing names, contact information, dates of birth, and transaction details. In response, MoneyGram is offering affected customers two years of free identity protection and credit monitoring services. The company is collaborating with external cybersecurity experts and law enforcement to investigate the breach and has reassured customers to monitor their financial accounts and credit reports for potential fraud or identity theft.
Key Details of the Breach
- Timeframe of Access: Hackers accessed the network from September 20 to 22, 2024.
- Data Compromised: The breach included names, phone numbers, email addresses, postal addresses, Social Security numbers, government-issued IDs, and bank account numbers.
- Investigation: MoneyGram is working with CrowdStrike and law enforcement to investigate the incident and has confirmed that the breach was not a ransomware attack.
- Customer Notifications: Affected individuals have been notified about the breach, and the type of data stolen varies per individual.
Recommendations for Affected Customers
MoneyGram advises customers to: - Review account statements regularly. - Monitor their credit reports, which can be accessed for free annually from the three major credit reporting agencies in the U.S. - Utilize the identity protection and credit monitoring services offered by MoneyGram for two years at no cost.
MoneyGram confirms hackers stole customer data in cyberattack
Oct. 7 / Bleepingcomputer / Delivers a thorough report on the breach's timeline and the nature of the data stolen, while clarifying the attack's method. The collaboration with CrowdStrike adds credibility, though it lacks specific details on affected individuals. “ MoneyGram has confirmed that hackers stole customers' personal information and transaction data in a September cyberattack that caused a five-day outage. The...
If you used MoneyGram last month, your data might’ve been stolen
Oct. 8 / Digitaltrends / Highlights the extensive range of sensitive data compromised in the MoneyGram breach, emphasizing the company's response and ongoing investigation. The detailed account of the attack method adds depth. “ MoneyGram, a global money transfer company, has disclosed on its website that a data breach has exposed sensitive information such as Social Security...
MoneyGram now says customer data was impacted in security incident
Oct. 8 / Tech Radar / Provides a comprehensive overview of the stolen data and the company's operational response. The article's mention of customer complaints on social media adds a relatable angle, enhancing reader engagement. “ MoneyGram has confirmed it did lose sensitive customer data in the recent cyberattack against its business . In a data breach notification letter sent to...
MoneyGram announces hack: Customer data such as Social Security numbers, bank accounts impacted
Oct. 9 / Usa Today / Focuses on MoneyGram's acknowledgment of the breach and its impact on services, providing a clear timeline of events. The emphasis on customer notifications and support services offers practical guidance for affected users. “ Financial service MoneyGram announced a hack and cybersecurity issue that has impacted the company, resulting in an investigation. "On September 27, 2024, we...