Jump to content
  • Portland City Officials Accidentally Send Hacker $1.4 Million

    aum

    • 319 views
    • 2 minutes
     Share


    • 319 views
    • 2 minutes

    Officials in Portland, Oregon, reportedly fell for the business email compromise scheme in April.

     

    A hacker managed to swindle the city of Portland, Oregon, out of $1.4 million by tricking municipal employees into wiring them the funds back in April.


    The culprit pulled off the theft through a business email compromise (BEC) scheme, which involved hijacking a city employee’s email account, according to Oregon Public Broadcasting.


    In May, Portland’s city government disclosed(Opens in a new window) it had lost $1.4 million in a cyber-related incident, without revealing all the details. But on Monday, OPB reported(Opens in a new window) it had obtained internal emails from the city that show the cybertheft occurred through a BEC attack.


    The hacker likely kicked off the scheme by sending a phishing email, which tricked a City of Portland employee into giving up their password to their email inbox. The access then gave the hacker enough information to impersonate an official at the housing nonprofit Central City Concern, which was preparing to secure $1.4 million in local funding.


    At one point, the city’s treasurer flagged the $1.4 million wire transfer as potentially fraudulent. This was because the name of the account receiving the wire transfer failed to match the Central City Concern's own bank account name.


    As a result, the city’s treasurer demanded municipal employees confirm the bank account information with someone at the nonprofit. However, the municipal employees decided to do so simply by communicating over email. In reality, the employees were speaking with the hacker impersonating the nonprofit. This led city employees to make the $1.4 million transfer anyway.


    The city of Portland only discovered the email breach after the hacker tried to make a second fraudulent wire transfer weeks later. IT staff then discovered the hijacked email account had been accessed from various locations, including Texas, Germany, and Nigeria, likely with a VPN.

     

    Source


    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...