IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Texas School District Loses $2.3 Million in Phishing Incident

School district officials have not yet fully explained how the money was transferred to the hackers, but investigators say they have some "leads" as to who the cybercriminals might be.

Hacker
Shutterstock/GlebSStock
A small school district in Texas has suffered a very costly cyberincident. 

Using an "email scam," hackers were able to steal $2.3 million from the Manor Independent School District, officials recently admitted. 

Both the city's police department and the FBI are now investigating the incident, and there are reportedly "strong leads" as to who the hackers are, said Angel Vidal Jr, the district's communications director

January 10, 2020 - Manor, TX - The Manor Police Department along with the Federal Bureau of Investigation (FBI) is investigating an incident involving a phishing email scam that resulted in the loss of approximately $2.3 million to the Manor Independent School District. pic.twitter.com/KTT8IHhQrT — Manor ISD (@ManorISD) January 10, 2020
While details of the incident could not be fully disclosed, Detective Anne Lopez of the Manor Police Department confirmed to Government Technology that the theft was discovered in December, with a district employee finding that three transactions the school had recently entered into had been fraudulent.

"Unfortunately [a lure email] was sent out and someone didn't recognize it was a phishing email until it was too late," Lopez said, explaining that her department is currently clearing local participation in the scam, and was looking to determine whether the hackers were based in the U.S. or overseas.  

It is unclear what the transactions were related to, but the incident has all the trappings of a social engineering incident — wherein hackers pose as legitimate actors in an online engagement as a means of gaining access to money or information.

Last year, hackers made off with $1.7 million from a North Carolina county after posing as contractors with whom officials were involved in a development deal.    

"It is the largest [cyberincident] that Manor Police Department has had to deal with since I've been here," Lopez added. 

But the Manor district isn't alone. Last year saw a significant uptick in hacks on schools districts nationwide, with ransomware being a prominent form of attack. 

According to the K-12 Cybersecurity Resource Center, around 15 percent of cyberincidents at schools in 2018 were phishing-related. Experts generally agree that the best way for schools to avoid these incidents is a combination of increased digital literacy among staff and students and protective software. 

Special Projects
Sponsored Articles
  • Sponsored
    How the convergence of security and networking is accelerating government agencies journey to the cloud.
  • Sponsored
    How the State of Washington teamed with Deloitte to move to a Red Hat footprint within 100 days.
  • Sponsored
    The State of Michigan’s Department of Technology, Management, and Budget (DTMB) reduced its application delivery times to get digital services to citizens faster.

  • Sponsored
    Like many governments worldwide, the City and County of Denver, Colorado, had to act quickly to respond to the COVID-19 pandemic. To support more than 15,000 employees working from home, the government sought to adapt its new collaboration tool, Microsoft Teams. By automating provisioning and scaling tasks with Red Hat Ansible Automation Platform, an agentless, human-readable automation tool, Denver supported 514% growth in Teams use and quickly launched a virtual emergency operations center (EOC) for government leaders to respond to the pandemic.