An email hacking technique attempts to steal $13 million from a Pennsylvania school district
Share
The Chester Upland School District in Pennsylvania was the target of a sophisticated operation that encompassed hacked email accounts, bitcoin, and a romantic hoax using a newly widowed Florida woman. The theft attempt totaled $13 million.
According to a statement made last week by the Delaware County District Attorney’s Office in Pennsylvania, local government organizations did manage to intercept and recover $10.3 million of the $13 million that was taken from the district.
At first, a hacker gained access to CUSD’s email systems. The bank account for district monies received by the Pennsylvania Department of Education was then changed by the hacker using a hacked email account. From there, future funds destined for the school district from the state department of education might be sent to a hacker’s bank account.
Unaware that she was being utilized as a money mule, the widowed Florida resident bought bitcoin and made bank transfers to send the illegally obtained funds to people abroad. She followed the instructions of a made-up love interest that she met on an internet dating site.
Although the district is happy that the majority of the stolen funds have been found, the $3 million missing remains a considerable loss, according to Nafis Nichols, receiver for CUSD, in a statement.
According to Amy McLaughlin, a subject matter expert at the Consortium for School Networking, this money laundering scam demonstrates how sophisticated cyberattacks against school districts are getting.
According to McLaughlin, districts that use publicly accessible and visible building bonds are also easily prey for similar methods to the one used in CUSD.