Conversation

Notices

1. Embed this notice
   Kevin Beaumont (gossithedog@cyberplace.social)'s status on Tuesday, 24-Sep-2024 23:10:13 JST Kevin Beaumont

   Re the Moneygram cyber incident - I can see, 5 days ago, they began containing their network.

   Network border devices plus all VPNs are still shut down.

   • Embed this notice
     Kevin Beaumont (gossithedog@cyberplace.social)'s status on Wednesday, 25-Sep-2024 07:02:57 JST Kevin Beaumont

     in reply to

     MoneyGram incident is bad. #threatintel

     GreenSkyOverMe (Monika) repeated this.
   • Embed this notice
     Kevin Beaumont (gossithedog@cyberplace.social)'s status on Thursday, 26-Sep-2024 05:04:32 JST Kevin Beaumont

     in reply to

     MoneyGram still don’t have a website and haven’t contacted customers to tell them there’s a cyber incident.

     Their external network still looks contained, too. #threatintel

   • Embed this notice
     Zack Whittaker (zackwhittaker@mastodon.social)'s status on Thursday, 26-Sep-2024 06:31:43 JST Zack Whittaker

     in reply to

     @GossiTheDog "We'll be right back" takes the piss a little bit.

   • Embed this notice
     Patrick Middleton (patmikemid@sfba.social)'s status on Thursday, 26-Sep-2024 06:48:02 JST Patrick Middleton

     in reply to

     @GossiTheDog We were shut out of our Patelco Credit Union accounts for 17 days. That was…odd.

   • Embed this notice
     Kevin Beaumont (gossithedog@cyberplace.social)'s status on Thursday, 26-Sep-2024 22:52:24 JST Kevin Beaumont

     in reply to

     After many days MoneyGram have got their service and website back online.

     They haven’t mentioned their cyber incident anywhere except their Twitter account. #threatintel

   • Embed this notice
     Kevin Beaumont (gossithedog@cyberplace.social)'s status on Monday, 07-Oct-2024 23:47:02 JST Kevin Beaumont

     in reply to

     MoneyGram say their week long total outage wasn’t caused by ransomware deployment - but a threat actor phoning the helpdesk and getting onto the internal network. Probably wise they shut down as it could have got much worse. https://www.bleepingcomputer.com/news/security/moneygram-no-evidence-ransomware-is-behind-recent-cyberattack/

     #threatintel

   • Embed this notice
     David Anson (davidanson@mastodon.social)'s status on Tuesday, 08-Oct-2024 01:13:57 JST David Anson

     in reply to

     @GossiTheDog An attacker was on their network for a week - do we as potentially affected outsiders care if it was ransomware or not?

   • Embed this notice
     Kevin Beaumont (gossithedog@cyberplace.social)'s status on Tuesday, 08-Oct-2024 06:49:06 JST Kevin Beaumont

     in reply to

     MoneyGram say their threat actor stole customer info and transaction data.

     They’re the 2nd largest money transfer service. https://techcrunch.com/2024/10/07/moneygram-says-hackers-stole-customers-personal-information-and-transaction-data/

     #threatintel #moneygram