The city of Atascadero and Rabobank are investigating how a computer hacker managed to breach multiple levels of security in an attempt to steal $83,000 in wire transfers from a city account at the bank.
According to City Manager Wade McKinney, the hacker sent a phony email ostensibly from the National Automated Clearing House Association (NACHA), which annually facilitates billions of electronic payments such as direct deposit and direct payment.
When a city computer tech opened the email, it released a virus that used the wire transfer system the city has with the bank to transfer funds to accounts at several banks across the country that the city has no dealings with.
NACHA’s website says that since February, it has been “the victim of sustained and evolving phishing attacks in which consumers and businesses are receiving emails that appear to come from NACHA. The attacks are occurring with greater frequency and increased sophistication.”
According to McKinney, this is what happened in Atascadero:
Five transfers happened July 1, with three of those transfers adding up to $30,000 and going to Tinker Federal Credit Union in Oklahoma, which does not do business with the city. After credit union employees noticed and then flagged the irregular transfers, they called the city to inform it about the transfers. The money will now be returned to the city by the bank.
The two other transfers that day never went through because of invalid account numbers.
Another five unsuccessful attacks were mounted Tuesday. The transfers, some of which were caught by Rabobank, were directed to banks in California, Florida, Maryland and Pennsylvania. “We’re still trying to uncover all the details,” McKinney said, “but it looks like we got a virus in one of the computers, then when we connected with Rabobank for a wire transfer, it got mirrored and sent out other transfers. We’re looking into how it got around all of the security measures."
No one has been arrested for the crime. The FBI is investigating the case.