The U.K.’s data protection regulator has confirmed it’s investigating MoneyGram after receiving a data breach report from the U.S.-based money transfer giant.
The U.K.’s Information Commissioner’s Office, which requires that organizations report data breaches within 72 hours of discovering the incident, confirmed to TechCrunch on Friday that the watchdog had received a report from MoneyGram following a cybersecurity incident at the company.
“We have received a report from MoneyGram and will be making enquiries,” ICO spokesperson Lucy Milburn told TechCrunch.
The extent of a potential data breach at MoneyGram remains unknown. MoneyGram, the world’s second-largest money transfer provider, serves over 50 million people in more than 200 countries and territories each year.
MoneyGram has remained largely silent about the cybersecurity incident beyond a handful of updates posted to its X account.
The company’s website, which is now back up and running after almost a week offline, contains no mention of the cybersecurity incident, and MoneyGram has not responded to TechCrunch’s multiple requests for comment.
MoneyGram first confirmed the cybersecurity incident on Monday following three days of operational downtime, saying it “identified a cybersecurity issue affecting certain of our [sic] systems” and had taken some systems offline in an effort to contain the incident.
The outage forced both the company’s website and app offline, leaving customers unable to make in-person or online payments. The outage also affected MoneyGram partners, including the Bank of Jamaica and the U.K.’s Post Office.
The latest update from MoneyGram, posted on X on Thursday, says that customers can now “send and receive money through both our digital platforms and agent partners,” but adds that the company is still working to fulfill pending transactions.
The company says that its app is now live and available. When TechCrunch checked on Friday, MoneyGram’s app remained offline.