The UK’s data watchdog confirms it is investigating the MoneyGram data breach

The UK’s data protection regulator has confirmed it is investigating MoneyGram after receiving a data breach report from the US money transfer giant.

The UK’s Information Commissioner’s Office, which requires organizations to report data breaches inside 72 hours of detecting an incident, confirmed to TechCrunch on Friday that the regulator had received a report from MoneyGram in reference to a cybersecurity incident at the company.

“We have received the report from MoneyGram and will be making inquiries,” ICO spokeswoman Lucy Milburn told TechCrunch.

The scale of the potential data breach at MoneyGram stays unknown. MoneyGram, the world’s second largest money transfer provider, serves greater than 50 million people yearly in over 200 countries and territories.

MoneyGram has been largely silent on the cybersecurity incident, apart from a couple of updates posted to its X account.

The company’s website, which has relaunched after almost every week of absence, comprises no mention of the cybersecurity incident, and MoneyGram didn’t reply to TechCrunch’s repeated requests for comment.

MoneyGram first confirmed the cybersecurity incident on Monday after three days of operational downtime, stating that it had “identified a cybersecurity issue impacting some of our (sic) systems” and disabled some systems to contain the incident.

The outage took each the company’s website and app offline, stopping customers from making payments in person or online. The outage also affected MoneyGram’s partners, including Bank of Jamaica and British Post Office.

Latest update from MoneyGram, published in X on Thursdaysays customers can now “send and receive money through both our digital platforms and partners,” but adds that the company is still working to satisfy pending transactions.

The company says its app is now lively and available. When TechCrunch checked on Friday, the MoneyGram app remained offline.