Breach of customer database threatens personal info of about 20,000 customers

2 Min Read

Western Union is notifying some 20,000 customers of a database breach that may have compromised their personal information, according to a report published earlier today.

The thieves got names, addresses, phone numbers, and complete credit-card information by breaching a Western Union database sometime in late May, according to a July 6 letter sent to customers by James Keese, Western Union's privacy officer.

The company did not provide details on how the breach occurred, but company spokeswoman Sherry Johnson told reporters that the database was "offline" and could not have been accessed via the Western Union Website.

"We are not aware of any ID theft or any kind of fraudulent use that was made from this information," Johnson said. The FBI is investigating the incident.

The authors of the report asked customers at a New York Western Union office about the letter, but none of the individuals they interviewed had heard about the incident. No notices about the incident were posted in the office, according to the report.

Western Union has suffered security breaches before. Last August, the company notified customers of its Equity Accelerator service that their data might have been compromised through a burglary at Paymap Inc., a Western Union contractor. In September 2005, thieves made off with disks containing personal data on Equity Accelerator customers from 1999 to 2002, according to a letter from Michael Mulligan, vice president of operations at Paymap.

And way back in September of 2000, Western Union was forced to shut down its Website for five days after a security breach allowed hackers to steal the credit or debit card numbers of more than 15,000 customers.

Requests for details on the breach have not been answered at this posting.

— Tim Wilson, Site Editor, Dark Reading

About the Author(s)

Tim Wilson, Editor in Chief, Dark Reading


Tim Wilson is Editor in Chief and co-founder of Dark, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one of the top cyber security journalists in the US in voting among his peers, conducted by the SANS Institute. In 2011 he was named one of the 50 Most Powerful Voices in Security by SYS-CON Media.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights