A MoneyGram International server has been breached, allowing cybercrooks access to the personal information of nearly 80,000 people.
Hackers accessed the server through the web sometime last month, the money-transfer company said in a statement released on Friday.
Experts have not confirmed that any data was compromised but said some personal information - including names, addresses, telephone numbers and bank account numbers - may have been viewed.
The data in question belonged to customers making payments to a single biller and did not include any Social Security or other identification numbers, according to the statement.
Vicki Keller, vice president of MoneyGram's global payment services, said in the statement that the company is working with authorities and has implemented "additional security measures" to prevent similar attacks in the future. She did not elaborate on the measures.
The Minneapolis-based company is offering victims one year of free credit monitoring.
MoneyGram officials called the incident "isolated" and said it should not affect its bottom line.
David Taylor, vide president of security strategies at Stamford, Conn.-based data protection firm Protegrity, told SCMagazine.com today that MoneyGram should be more forthcoming when describing the breach to avoid losing the trust of customers.
"It's a little bit surprising that they're releasing as few details as they are," he said. "Let's get on with understanding what happened. It's just bad form to keep this information under your hat without explaining anything."
Taylor said a trojan or a malicious insider could have helped the attack succeed, but he declined to further speculate.
A MoneyGram spokeswoman could not be immediately reached for comment today.
Americans suffered personal information data breach No. 100 million just last month, according to the Privacy Rights Clearinghouse.
Click here to email reporter Dan Kaplan.