US money transfer giant MoneyGram confirmed that hackers stole its customers' personal information and transaction data in a cyber attack last month. The company said in a statement on Monday that an unauthorized third party "accessed and obtained" customer data during the Sept. 20 cyber attack. The cyberattack, the nature of which was unclear, triggered a week-long outage that took the company's website and apps offline.
MoneyGram serves more than 50 million people in more than 200 countries and regions every year.
MoneyGram said in a statement on Monday that the investigation was still in the "early stages" and that it was working to determine which consumers were affected by the issue. The company did not say how many customers might be affected. MoneyGram spokesperson Sydney Schoolfield did not comment beyond the company's statement when interviewed.
Stolen customer data included names, phone numbers, postal and email addresses, dates of birth and identification numbers. The data also includes a "limited number" of Social Security numbers and government identification documents such as driver's licenses and other documents containing personal information such as utility bills and bank account numbers. MoneyGram said the type of data stolen varies from person to person.
MoneyGram said the stolen data also included transaction information, such as transaction dates and amounts, as well as "criminal investigation information (such as fraud) for a small number of consumers."