The UK’s data protection authority is investigating MoneyGram following a report of a data breach from the U.S.-based money transfer company.
The Information Commissioner’s Office confirmed to TechCrunch on Friday that it had received a breach report from MoneyGram, which is required to notify authorities of data incidents within 72 hours of discovery. “We have received a report from MoneyGram and will be making enquiries,” said ICO spokesperson Lucy Milburn.
Details about the extent of the potential breach remain unclear. MoneyGram, the world’s second-largest money transfer service, serves over 50 million customers across more than 200 countries each year.
The company has been relatively tight-lipped about the incident, sharing only a few updates on its X account. Notably, its website, which has recently resumed operation after nearly a week of downtime, does not mention the cybersecurity issue, and MoneyGram has not responded to multiple requests for comment from TechCrunch.
The incident was first acknowledged by MoneyGram on Monday, following three days of operational disruptions. The company indicated it had identified a cybersecurity issue affecting certain systems and had taken some offline to contain the problem.
The outage affected both MoneyGram’s website and app, preventing customers from making payments, and also impacted partners such as the Bank of Jamaica and the UK’s Post Office.
In the latest update shared on Thursday, MoneyGram announced that customers can once again “send and receive money through both our digital platforms and agent partners,” though the company noted it is still working to complete pending transactions.
