Money transfer giant MoneyGram confirmed hackers accessed customers' personal information and transaction data during the cyberattack last month.
The company said in a statement on Monday that an unauthorized third party "accessed and acquired" customer data during the cyberattack on September 20. The nature of the cyberattack is unknown; it triggered a one-week outage that put the company's website and app off-line.
MoneyGram said it serves more than 50 million people in more than 200 countries and territories each year.
In a statement Monday, MoneyGram said its investigation into the breach is still in its "early stages" and is working to figure out which consumers were affected by this issue. The company did not say how many customers might be affected. When reached, MoneyGram spokesperson Sydney Schoolfield did not comment beyond the company's statement.
Names, phone numbers, postal and e-mail addresses, dates of birth, and national identification numbers are among the stolen customer data. The compromised data also included a "limited number" of Social Security numbers and government identification documents, in addition to driver's licenses and other identification carrying personal details, such as utility bills and bank account numbers. According to MoneyGram, the sorts of information stolen will vary for each affected individual.
The company said the stolen data included information about transactions-date and amount of transactions, for instance-and, in a very limited number of consumers' cases, criminal investigation information like fraud.
MoneyGram had notified U.K. data regulators about a data breach later, TechCrunch reported earlier.