em360tech image

MoneyGram has revealed that a cyber attack is behind the ongoing IT outages and lack of service it’s been dealing with since Friday. 

In a post on X on Monday, the US-based money transfer giant said it had “identified a cybersecurity issue affecting certain of our [sic] systems.” The company previously said a “network outage” was the cause of the problem.

"MoneyGram recently identified a cybersecurity issue affecting certain of our systems," reads the X announcement.

"Upon detection, we immediately launched an investigation and took protective steps to address it, including proactively taking systems offline, which impacted network connectivity."

MoneyGram has not yet confirmed the nature of the cybersecurity incident or whether customer data is affected. The incident first began Friday when people reported the inability to receive payments or access their money through the service, and the website was unavailable. 

 Since Friday, customers could not make in-person and online payments, and the company’s website and app remain down. As of Wednesday, 25 September, the company’s website and app are back online.

After MoneyGram customers could not transfer or access their money, the company said on Saturday that they were experiencing a "network outage" impacting connectivity to their systems.

moneygram outage cyber attack
MoneyGram website showing notice about ongoing IT outage. 

The company finally confirmed on Monday that a cybersecurity incident was the cause of the outage, assuring customers that the firm is working diligently with external experts and law enforcement to resolve the situation.

"We recognize the importance and urgency of this matter to our customers and partners. We are working diligently to bring our systems back online and resume normal business operations," explained MoneyGram.

MoneyGram partners also affected

The cyber attack on MoneyGram and ongoing outage also appear to have affected MoneyGram partners around the world. 

On Monday, the Bank of Jamaica said on Monday that “remittance companies that offer MoneyGram services in Jamaica are unable to access the MoneyGram platform to send remittances abroad or disburse remittance proceeds to recipients in Jamaica.”

The UK Post Office, which offers MoneyGram services, is also affected. It says on its website that, “for now, you can’t use MoneyGram services online or in the branch, including online support.”

MoneyGram hasn’t yet said when it expects its services to come back online, but in a recent post on X, it says it's making progress.

In response to a user on X, MoneyGram said, “We don’t have a timeline and currently trying to work on a fix.”

“This isn’t just a technical problem”

MoneyGram is an American peer-to-peer payment and money transfer firm that enables people to send and receive money through an extensive network of 350,000 physical locations in 200 countries or digitally via its mobile app and website.

It is the world's second-largest money transfer company, only behind Western Union, processing over 120 million transactions annually from tens of millions of users.

While MoneyGram has not shared what type of attack they suffered, the extended outage and loss of connectivity to systems is indicative of a ransomware attack.

Considering MoneyGram's massive customer base, a potential data breach on the company could have far-reaching repercussions for many people

Akhil Mittal, senior security consulting manager at the Synopsys Software Integrity Group, told EM360Tech that the extend of the cyber attack could have long-lasting implications for Moneygram partners and customers around the world. 

“This isn’t just a technical problem, it’s affecting real people,” Mittal said.

“In places like Jamaica, families depend on these transfers for daily expenses, outages like this have a real impact. It’s important to consider how these disruptions affect communities that rely on remittances. 

“Then there’s the question of communication. So far, MoneyGram hasn’t shared many details, which raises a key point: How much should companies say during a cyber crisis? Should they keep customers informed as they work on it, or wait until everything’s resolved?”

“This could start a broader conversation about how companies build trust when facing situations like this. By taking everything offline, MoneyGram clearly puts security first, but it also highlights a common struggle in the financial sector—how do you protect sensitive data without shutting down the business? Are companies ready to handle that challenge?”

What's next following the MoneyGram cyber attack?

The MoneyGram cyber attack has left a significant impact on its customers and the broader financial industry. 

While MoneyGram has not disclosed the specific details of the attack, it is likely that customer data, including personal and financial information, has been compromised. This raises concerns about potential identity theft, fraud, and financial loss for affected individuals.

In the aftermath of the attack, MoneyGram will need to implement more robust cybersecurity measures to prevent similar incidents in the future. This may include investing in advanced security technologies, improving employee training, and conducting regular security audits.

The incident will also have broader implications for the financial industry and the ongoing battle against cybercrime. Financial institutions have found themselves increasingly targetted by hackers, most recently with the attack on payment platform Slim CD.