Equifax Hack May Hinder Ant Financial’s Chances Of Buying MoneyGram

As a multi-agency advisory panel in the Trump Administration comes to the end of its review of Ant Financial’s acquisition of MoneyGram, the possibility of data theft by foreign countries becomes a main point of concern.

The Congressional Committee on Foreign Investment has been weighing the approval of the $1.2 billion purchase of MoneyGram by Jack Ma’s Ant Financial. MoneyGram has 30,000 U.S. locations and tens of millions of global customers.

The New York Post cited two sources with direct knowledge of the panel’s thinking, saying that while it had been just been focusing on traditional national security issues, it has now shifted its focus to foreign threats of identity fraud and data theft.

The massive breach of Equifax’s database by an unknown cyber thief has raised these new concerns — especially since there are suspicions a foreign government may have been behind the Equifax attack. The data breach exposed the names, birth dates and Social Security numbers of approximately 143 million consumers in the U.S., as well as the credit card numbers of approximately 209,000 people.

The panel has already established a tough stance on acquisitions by Chinese companies of U.S. firms. President Donald Trump’s administration recently backed its recommendation and blocked a Chinese-backed investor from acquiring Lattice Semiconductor. The proposed buyer of Lattice Semiconductor, Canyon Bridge Capital Partners, a private equity firm, has a Chinese investor, Yitai Capital, which was expected to invest in the deal.

“It is getting harder and harder for China to get deals done here,” a source working on the MoneyGram review said.

Ant Financial declined comment on its CFIUS (Committee on Foreign Investment in the United States) review but expects the deal to close by December 31. Jack Ma met with a CFIUS panel member in July and has also met with Trump.

Shares of MoneyGram fell 4.2 percent on Thursday. The company has said it does not have sensitive data, and the vast majority of remittance transfers require only a name, address and date of birth, minimizing the risk of identity fraud.