Quick Links
MoneyGram users should be on alert after the company revealed its databases were breached in September 2024, resulting in the loss of sensitive information regarding its enormous customer base.
With more than 150 million users worldwide, many millions of whom reside in the US, the number of affected accounts is significant; MoneyGram says it will inform individual accounts about the data lost.
MoneyGram Hack Results in the Loss of Private Data
MoneyGram’s network was breached between September 20 and 22, 2024, with the hackers accessing the private information of millions of users. While the exact number of users is unknown at the time of writing, as one of the world’s largest money transfer and digital payment platforms, MoneyGram has users across more than 200 countries.
The initial attack on MoneyGram caused a five-day outage in September 2024, with MoneyGram taking steps to secure its network during that time. A confidential source told Bleeping Computer that the company was breached through a social engineering attack, and that there was no ransomware at play.
Still, MoneyGram confirmed that hackers had stolen a significant volume of user data, including names, email addresses, postal addresses, social security numbers, government IDs, and more.
The impacted information included certain affected consumer names, contact information (such as phone numbers, email and postal addresses), dates of birth, national identification numbers, copies of government-issued identification documents (such as driver’s licences), other identification documents (such as utility bills), bank account numbers, MoneyGram Plus Rewards numbers, transaction information (such as dates and amounts of transactions) and, for a limited number of consumers, criminal investigation information (such as fraud). The types of impacted information varied by affected individual.
The data stolen varies by customer, and MoneyGram is set to contact affected individuals to explain the severity of the breach on personal terms.
How to Stay Safe After the MoneyGram Hack
MoneyGram recommends that affected users (who could be anyone up until the user-specific emails are sent) closely monitor any accounts. Furthermore, the company has also “arranged to offer affected consumers identity monitoring services for two years” at no cost. It’s really the least they could do!
Affected MoneyGram customers can contact MoneyGram’s Data Protection Officers [PDF] to find the best course of action
