'Cybersecurity issue' takes MoneyGram offline for three days – and counting
Still no ‘R’ word, but smells like ransomware from here
A "cybersecurity issue" has shut down MoneyGram's systems and payment services since Friday, and the fintech leader has yet to update customers as to when it expects to have its global money transfer services back up and running.
The downed services reportedly include in-person payments as well as online transactions.
The Register has asked Texas-based MoneyGram for comment and will update this story if and when we receive answers to our questions, including when it expects to restore its operations, and if a ransomware infection is to blame for the forced downtime.
After initially alerting customers via X/Twitter on Saturday, and describing the problem as a "network outage impacting connectivity to a number of our systems," the financial technology firm disclosed on Monday that the outage was due to some sort of digital intrusion.
However, MoneyGram still has not used the dreaded "r" word in describing the system outage, and it does not yet appear that any ransomware gang has claimed responsibility for the breach.
In the Monday Xeet, MoneyGram said it had "identified a cybersecurity issue affecting certain of our systems." Following that detection, the payment processor says it "immediately launched an investigation and took protective steps to address it, including proactively taking systems offline which impacted network connectivity."
- Cybercrooks strut away with haute couture Harvey Nichols data
- Valencia Ransomware explodes on the scene, claims California city, fashion giant, more as victims
- Rhysida ransomware gang ships off Port of Seattle data for $6M
- Despite Russia warnings, Western critical infrastructure remains unprepared
It has since hired third-party cybersecurity experts and is working with law enforcement, we're told. "We are working diligently to bring our systems back online and resume normal business operations," MoneyGram promised.
The money transfer giant has access to — and, we'd assume, stores — a ton of sensitive customer data. This presumably includes usernames and passwords, bank account and credit card numbers, names, addresses, phone numbers, and other contact information that can also be used, in the wrong hands, for financial and identity theft along with other fraud.
This makes MoneyGram a prime target for digital thieves looking for a payout, either in the form of an extortion payment or by selling people's private information on dark-web marketplaces.
In 2023, private equity firm Madison Dearborn Partners completed the acquisition of MoneyGram for about $1.8 billion. The fintech business claims to have more than 150 million customers worldwide. ®
Speaking of cyberattacks... Arkansas City in Kansas is dealing with a ransomware infection at its water treatment facility that forced staff to switch to manual control. Officials said customer data is safe, as is the water supply, and that a ransom demand had been made. No payment will be provided, we're told.