Hacked school district in Georgia thwarts attempt of stealing the payroll funds
Two-factor authentication foiled an attempt of stealing around $2 Million of payroll funds from Southern Georgia's Thomas County School System, as per the district officials.
Unauthorized access was gained by hackers around February 7, 2019, on a district computer that stores private banking information including the names, bank account along with routing numbers, and ID numbers of the district employees, as per the breach notice published on Tuesday (i.e. on February 5, 2019) by the district. "This was a targeted attack," as told to EdScoop by the public relations officer of the K-12 district, Dusty Kornegay.
The investigation of the district revealed that the hackers has sought to infiltrate district's banking system in order to transfer the money from payroll accounts of the district to their personal accounts, however the security protocols of the district has stopped the activity before the money got transferred.
Kornegay said that the school district needs a second level of authentication before transferring of any funds. Thus when district's bank has received a suspicious transfer request from automated clearing house, the bank immediately checked with school system before processing of the transfer request. Therefore, no funds got lost, he said.
As per breach notification of the district, shortly after they came to know about the intrusion, BlueVoyant, the global cybersecurity defense firm, has been hired for investigating this attack and implementing software so as to avoid this kind of future incidents.
Kornegay said that the Thomas County School System have one cybersecurity insurance policy. He added that this cybersecurity insurance policy has been helping to cover the legal and forensic costs. The school employees were informed about the attack on February 4, 2019, and were advised to monitor the bank accounts for possible fraudulent activity.
The scope of this incident is still getting investigated, although the district says that no passwords of employee accounts or the Social Security numbers were accessed by hackers.
In their breach notification, the district states it is committed to improve overall security architecture of the district and that "protecting the security of our employees' personal information is a top priority".
» SPAMfighter News - 3/25/2019
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!