Hackers stole more than $6 million from the city of New Haven through a series of cyberattacks, and the FBI and New Haven police are investigating, Mayor Justin Elicker announced Thursday.
It appears that hackers got access to the email account of the chief operating officer of New Haven’s public schools in late May.
The mayor said the thefts were “business email compromise.”
Elicker said it appears hackers were monitoring emails between the chief operating officer of New Haven Public Schools, vendors and the city’s budget office, then impersonated the COO and several vendors and made requests for electronic transfers of money to fraudulent accounts.
In total, six fraudulent payments were made, Elicker said.
Four were intended for First Student, the company the city uses for school bus service. Elicker said the four transfers were for a total of $5.9 million.
Two payments were for a law firm the New Haven Public Schools department uses and those payments were for $76,000.
The hackers failed on another attempt in July because the city’s budget office denied it.
Elicker said the city learned of the hacks on June 23 when First Student contacted the city to find out when the company would be receiving payments.
The city immediately contacted the banks where the transfers were made and the police department, which then contacted the FBI and the United States Attorney’s Office.
The city has been able to recover $3.6 million so far.
Elicker said the FBI has been able to freeze some additional funds and is working to recover funds that have not been recovered or frozen.
The FBI calls “business email compromise” scams “one of the most financially damaging online crimes.”
The FBI said criminals send an email message that appears to come from a known source making a legitimate request. More information on this type of scam is posted on the FBI website.
Elicker said the city of New Haven has stopped all electronic transfers other than employee payroll transfers until further notice.
City officials are also working to strengthen cybersecurity and are reaching out to companies that specialize in cybersecurity.
Elicker said they have reached out to insurance carriers for the city as well.
The city is conducting an internal review to ensure that all employees follow proper IT and financial procedures.
Elicker said they do not believe any city employees were involved in the hacking itself, but one employee in the city’s budget law office has been on paid administrative leave as the review takes its course.
Investigators are working to identify the hackers and determine how they were able to access the email.