MoneyGram Notifies Consumers of Data Breach Affecting Sensitive Personal Information
MoneyGram Payment Systems, Inc. has recently issued a Notice of Data Breach after discovering that an unauthorized third party had accessed and stolen personal information of certain consumers between September 20 and 22, 2024. The breach, which targeted sensitive customer data, has prompted MoneyGram to take swift action to mitigate further risks and ensure consumer protection.
According to the official notice, MoneyGram first identified the breach on September 27, 2024, when they “determined that an unauthorized third party accessed and acquired personal information of certain consumers between September 20 and 22, 2024.” Although the investigation is still ongoing, the company is actively coordinating with law enforcement and external cybersecurity experts to further assess the scope and nature of the incident.
In response to the discovery, MoneyGram promptly took decisive steps to limit further damage. The company noted that it “took steps to contain and remediate it, including proactively taking certain systems offline,” which temporarily impacted its services. As of the latest updates, normal business operations have resumed, and the company’s systems are back online.
MoneyGram’s investigation revealed that a wide array of consumer data had been compromised during the attack. The stolen information included:
- Consumer names, contact information (such as phone numbers, email addresses, and postal addresses)
- Dates of birth
- A limited number of Social Security numbers
- Copies of government-issued identification (such as driver’s licenses) and other identification documents (such as utility bills)
- Bank account numbers
- MoneyGram Plus Rewards numbers
- Transaction details (such as transaction dates and amounts)
- Criminal investigation information (for a limited number of individuals, such as fraud-related data)
“The types of impacted information varied by affected individual,” MoneyGram clarified, emphasizing that not all consumers were affected in the same way. However, the sensitivity of the compromised data heightens concerns about potential identity theft and fraud.
In its notice, MoneyGram expressed its regret for any inconvenience caused and announced several measures to support affected consumers. The company has arranged for U.S. consumers whose data was compromised to receive “identity protection and credit monitoring services for two years at no cost.” This move comes alongside guidance from the U.S. Federal Trade Commission (FTC) to help consumers safeguard their personal information.
The company advised all consumers to “remain vigilant for incidents of fraud and identity theft by reviewing account statements and monitoring free credit reports.” Additionally, MoneyGram warned consumers to be cautious of unsolicited communications involving their personal information, which could be part of fraudulent schemes.
