MoneyGram, a financial services company based in the United States that facilitates money transfers, bill payments, and cryptocurrency transactions, has had to halt its services due to an ongoing cybersecurity incident, the specifics of which are still unclear.
The troubles seem to have started on Friday, September 20, when customers began reporting issues. Initially, these were attributed to a basic network outage affecting connectivity. However, upon further investigation, MoneyGram provided more information about the situation via a post on social media platform X on Monday, September 23. The company stated, “MoneyGram recently detected a cybersecurity issue impacting some of our systems. Once identified, we immediately initiated an investigation and took protective measures to address it, including proactively taking some systems offline, which affected network connectivity. We are collaborating with top external cybersecurity experts and coordinating with law enforcement. We appreciate the urgency of this matter for our customers and partners, and we are working diligently to restore our systems and resume normal business operations.”
The disruption has also affected downstream customers like the Post Office in the UK, which provides access to MoneyGram services across the country. In a brief announcement on its website, the Post Office noted: “Currently, you cannot use MoneyGram services online or in branches, including online support. We apologize for the inconvenience.”
Speculation surrounds the incident, leading to assumptions that MoneyGram may have been targeted by a ransomware attack. The necessity for the company to take parts of its systems offline as a containment strategy is typically a strong indicator of such an incident involving financially motivated cybercriminals. However, as of now, MoneyGram has not confirmed this.
Akhil Mittal, Senior Security Consulting Manager at the Synopsys Software Integrity Group, explained that money transfer services are attractive targets for cybercriminals due to their handling of significant amounts of digital cash and highly sensitive data. The attack on MoneyGram is not entirely unexpected. “The challenge lies in balancing security with service availability. By taking systems offline, MoneyGram prioritized security, but this underscores a common dilemma in the financial sector—how can organizations protect sensitive data without halting operations? Are companies prepared to meet this challenge?” Mittal remarked.
He emphasized that for IT teams, the initial task is to keep customers informed. Regular updates are crucial while teams isolate the threat, rectify any issues, and ensure the systems are secure before restoring services. Partnering with cybersecurity experts, as MoneyGram has done, can facilitate a quicker recovery.
Mittal also noted, “This issue is not merely a technical matter; it significantly impacts real people. In places like Jamaica, where the outage disrupts remittances from the diaspora, families rely on these transfers for everyday expenses. Such outages have tangible effects, highlighting the importance of considering how these interruptions affect communities that depend on remittances.”