The FBI and the New York State Police are actively investigating the events that caused a school district in upstate New York
The FBI and the New York State Police are actively investigating the events that caused a school district in upstate New York to lose over $400,000 USD. While $400,000 USD is a lot of money to the school district, it could have been worse, as the initial sum of the wire fraud was over $3 million. The Duanesburg Central School District announced the online hijackings on Monday, when Duanesburg Superintendent Christine Crowley issued a statement saying the district is doing all that it can to recover the lost funds. The story starts in mid-December. Over three business days, several attempts were made to transfer $3.8 million USD from a Duanesburg Central School District bank account with NBT Bank to various accounts overseas. Of the $3.8 million attempted, $3 million was successfully stolen.
NBT Bank noticed something odd on the day of the third illegal transfer (December 22), and contacted district officials to confirm the transfer request. Once the transfers were denounced, the bank worked to recover funds. However, out of the $3 million stolen from taxpayers, only $2.5 million was recovered.
“Thanks to NBT Bank’s aggressive pursuit of the stolen funds, we are fortunate that the vast majority of the money has been recovered,” Crowley said in a statement. “However, $497,200 of Duanesburg taxpayers’ money is still missing, and we are committed to doing everything in our power to recover the remaining funds.”
According to statements made to security author and analyst Brian Krebs by a Duanesburg Central official, the total initially attempted represented almost 25-percent of the school district’s annual budget. They went on to tell Krebs that they were unsure exactly how the theft happened. “The FBI only knows so much, which is unfortunate because we have lots of questions,” the official said.
As mentioned, no one is sure yet how the criminals gained access to the district’s online banking in the first place. The most obvious guess would be through Malware on the district computers, such as the Zeus Trojan. In the past, Malware such as Zeus has led to the loss of tens of millions of dollars due to bank fraud.
It is curious to note that the bank took action only after the third transfer. According to a FAQ presented to taxpayers, $1,862,400 was moved overseas on December 18, and on December 21, several transfers totaling $1,119,400 were sent to several locations. It was only on December 22, when transfers totaling $758,758 were attempted that the bank called the school district to ask questions.
Having covered this type of fraud in the past, we wonder why the bank took so long. Were transfers overseas from the school district so common that the bank wouldn’t notice $1.8 million in one go?
In response to the theft, the district has restricted online access to all of its bank accounts and is requesting that all payments be sent and received via paper check until further notice. A separate transfer account will be designated to handle payments that cannot be made by check.