MoneyGram has confirmed that the cyberattack that disrupted its service for several days last month resulted in the theft of customer data, including bank account numbers.
In late September, MoneyGram was compelled to take its systems offline in response to a cybersecurity issue. The company has since reported that an unauthorized third party accessed and acquired personal information of certain customers.
The compromised information includes names, contact details, dates of birth, national identification numbers, copies of government-issued identification documents, other identification documents such as utility bills, bank account numbers, MoneyGram Plus Rewards numbers, transaction details, and, for a limited number of consumers, information related to criminal investigations.
Customers are advised to remain vigilant, and some are being offered identity monitoring services for two years at no cost.
As the world’s second-largest money transfer operator, MoneyGram serves over 50 million users, facilitating more than $200 billion in transactions annually. The impact of the attack has already affected the company’s business, with the UK’s Post Office opting not to renew a long-standing partnership.