MoneyGram confirms hackers stole customer data in cyberattack – BleepingComputer

American Water shuts down online services after cyberattack
Russia arrests US-sanctioned Cryptex founder, 95 other linked suspects
Comcast and Truist Bank customers caught up in FBCS data breach
AT&T, Verizon reportedly hacked to target US govt wiretapping platform
ADT discloses second breach in 2 months, hacked via stolen credentials
LEGO’s website hacked to push cryptocurrency scam
Ukrainian pleads guilty to operating Raccoon Stealer malware
Microsoft: Word deletes some documents instead of saving them
How to access the Dark Web using the Tor Browser
How to enable Kernel-mode Hardware-enforced Stack Protection in Windows 11
How to use the Windows Registry Editor
How to backup and restore the Windows Registry
How to start Windows in Safe Mode
How to remove a Trojan, Virus, Worm, or other Malware
How to show hidden files in Windows 7
How to see hidden files in Windows
Remove the Theonlinesearch.com Search Redirect
Remove the Smartwebfinder.com Search Redirect
How to remove the PBlock+ adware browser extension
Remove the Toksearches.xyz Search Redirect
Remove Security Tool and SecurityTool (Uninstall Guide)
How to Remove WinFixer / Virtumonde / Msevents / Trojan.vundo
How to remove Antivirus 2009 (Uninstall Instructions)
How to remove Google Redirects or the TDSS, TDL3, or Alureon rootkit using TDSSKiller
Locky Ransomware Information, Help Guide, and FAQ
CryptoLocker Ransomware Information Guide and FAQ
CryptorBit and HowDecrypt Information Guide and FAQ
CryptoDefense and How_Decrypt Ransomware Information Guide and FAQ
Qualys BrowserCheck
STOPDecrypter
AuroraDecrypter
FilesLockerDecrypter
AdwCleaner
ComboFix
RKill
Junkware Removal Tool
eLearning
IT Certification Courses
Gear + Gadgets
Security
Best VPNs
How to change IP address
Access the dark web safely
Best VPN for YouTube

MoneyGram has confirmed that hackers stole customers’ personal information and transaction data in a September cyberattack that caused a five-day outage.
The company first detected the attack on September 27th, causing it to shut down IT systems, preventing MoneyGram customers from accessing or transferring money to other users.
In a new data breach notification published today, MoneyGram now says that the threat actors had access to its network even earlier, between September 20 and 22, 2024. 
During this time, the threat actors stole a varied amount of sensitive customer information, including transaction information, email addresses, postal addresses, names, phone numbers, utility bills, government IDs, and social security numbers.
“The impacted information included certain affected consumer names, contact information (such as phone numbers, email and postal addresses), dates of birth, a limited number of Social Security numbers, copies of government-issued identification documents (such as driver’s licenses), other identification documents (such as utility bills), bank account numbers, MoneyGram Plus Rewards numbers, transaction information (such as dates and amounts of transactions) and, for a limited number of consumers, criminal investigation information (such as fraud),” reads the data breach notification first spotted by TechCrunch.
MoneyGram says the amount and type of data stolen vary depending on the affected customer. The specific information stolen from a customer will likely be listed in data breach notifications sent to impacted individuals.
BleepingComputer first reported that MoneyGram was breached through a social engineering attack on its IT help desk where threat actors impersonated an employee.
Once they gained access to the network, the threat actors initially targeted the Windows active directory services to steal employee information.
CrowdStrike has been assisting MoneyGram in investigating the incident.
It is unknown who is behind the attack, and no threat actors have claimed responsibility. However, MoneyGram has confirmed it was not a ransomware attack.
If you have any information regarding this incident or any other undisclosed attacks, you can contact us confidentially via Signal at 646-961-3731 or at tips@bleepingcomputer.com.
MoneyGram: No evidence ransomware is behind recent cyberattack
Outlast game development delayed after Red Barrels cyberattack
MoneyGram confirms a cyberattack is behind dayslong outage
Disney ditching Slack after massive July data breach
Xerox says subsidiary XBS U.S. breached after ransomware gang leaks data
Not a member yet? Register Now
Google removes Kaspersky’s antivirus software from Play Store
AT&T, Verizon reportedly hacked to target US govt wiretapping platform
Comcast and Truist Bank customers caught up in FBCS data breach
Hybrid Analysis Bolstered by Criminal IP’s Comprehensive Domain Intelligence
Reduce cyber risk by securing passwords in your employee onboarding
Data Theft in Salesforce: Manipulating Public Links
Discover how to build custom dictionaries in your AD password policy
See how you can manage shadow IT and reduce your attack surface
Terms of Use – Privacy Policy – Ethics Statement – Affiliate Disclosure
Copyright @ 2003 – 2024 Bleeping Computer^® LLC – All Rights Reserved
Not a member yet? Register Now
Read our posting guidelinese to learn what content is prohibited.

source
This is a newsfeed from leading technology publications. No additional editorial review has been performed before posting.