$415,989 taken from Bullitt bank account [Louisville Courier-Journal]
While it's not clear yet exactly how it happened, it appears that hackers have absconded with over $400,000 from the county government's bank account in Bullitt County, Kentucky. According to this story from the Louisville Courier-Journal, hackers managed to infiltrate the email account of a county employee, and used the information within that account to impersonate the county employee to initiate several transfers of county funds out of the county's bank account.
The county was notified by its bank that a set of transactions was set to occur last month, which tipped them off that someone was using the account in an unauthorized fashion. Using that information, the county and the bank were able to determine that some money had already been stolen. Since some of the stolen funds were transferred to other banks in the U.S., some of the money has been recovered and returned to the county. This article indicates that prospects are dim for finding all the stolen cash.
Though this article doesn't indicate how the hackers gained access to the county's bank account, phishing scams are a popular method for hackers to steal funds out of bank accounts. These scams involve hackers sending an email that purports to be from a legitimate bank, and links within the email to resolve to a site that appears to be legitimate. But the site is hosted by the hacker, and if any user name or password information is entered into the site, it will be used by hackers to siphon funds out of the legitimate bank account. Microsoft has a good guide to identifying and protecting yourself from phishing fraud emails.
Comments