Malware
MoneyGram Confirms Devastating Cyberattack: Hackers Swipe Sensitive Customer Data
MoneyGram, a global money transfer company, has confirmed that hackers accessed and stole customer data in a cyberattack. The breach targeted customers who made transactions during specific timeframes, with details including names, addresses, and transaction data being exposed. MoneyGram is offering free identity theft protection and credit monitoring services to affected customers.
MoneyGram Cyberattack: What Happened?
MoneyGram has confirmed that hackers stole customers’ personal information and transaction data in a September cyberattack, which led to a five-day outage. The company first became aware of the attack on September 27th, shutting down its IT systems and leaving MoneyGram customers unable to access or transfer money.
In a recent data breach notification, MoneyGram revealed that the threat actors had access to its network even earlier, between September 20 and 22, 2024. During this time, they stole sensitive customer information, including transaction details, email addresses, postal addresses, names, phone numbers, utility bills, government IDs, and social security numbers.
What Information Was Stolen?
According to the data breach notification, the impacted information includes consumer names, contact information (phone numbers, email and postal addresses), dates of birth, a limited number of social security numbers, copies of government-issued identification documents (such as driver’s licenses), other identification documents (like utility bills), bank account numbers, MoneyGram Plus Rewards numbers, transaction information (including dates and amounts of transactions), and in some cases, criminal investigation information (such as fraud).
The amount and type of data stolen varies depending on the affected customer. Impacted individuals will likely receive data breach notifications detailing the specific information stolen.
How Did the Attack Happen?
We first reported that the breach occurred through a social engineering attack on MoneyGram’s IT help desk, where threat actors impersonated an employee. Once they gained access to the network, the attackers initially targeted the Windows active directory services to steal employee information. CrowdStrike has been assisting MoneyGram in investigating the incident.
At this time, it is unknown who is behind the attack, and no threat actors have claimed responsibility. However, MoneyGram has confirmed that it was not a ransomware attack.
What Can You Do?
If you have any information regarding this incident or any other undisclosed attacks, please contact us confidentially at 646-961-3731 or email us at tips@ITServices.com.
It’s important to stay vigilant and informed about cybersecurity threats. Keep coming back to learn more about how to protect yourself and your personal information. Don’t hesitate to reach out to us for further guidance and advice on cybersecurity best practices.