Feeds

Water utility auditor resigns, transfers $9m offshore

In that order

High performance access to file storage

California and federal officials are searching for a former employee of a large water utility who is suspected of trying to transfer more than $9m to an offshore account after quitting the company.

Abdirahman Ismail Abdi made the brazen transfers on April 27, just hours after resigning from the California Water Services Company, according to documents filed in federal court in Northern California. The following morning, he allegedly put his wife and two small children on a plane bound for Frankfurt, Germany, and then tried to deposit a $25,000 check that was stolen from his former employer.

The account is the latest reminder of the security threat posed by insiders. Over the past year, organizations from the London branch of Sumitomo Mitsui Bank to Countrywide Home Financial have fallen victim to large attempted heists that were in part carried out by employees. Many more businesses have been hobbled by sabotage allegedly carried out by disgruntled employees.

In Abdi's case, it would appear his former employer failed to take basic precautions in preventing the transfers.

On the evening of April 27, for instance, Abdi was able to use his electronic key card to access a secured parking lot just hours after resigning as an auditor at the utility, according to court documents. Abdi, who is now 33, then accessed two password-protected computers located in separate buildings to wire more than $9m out of his former employer's Bank of America account into accounts in Qatar.

The California Water Services Company, which bills itself as the largest investor-owned American water utility west of the Mississippi River and the third largest in the country, has yet to explain how a former employer could gain access to some of its most sensitive buildings. It also is unclear how Abdi had knowledge of two separate passwords.

It would appear that Abdi's plan may not have succeeded. Two of the three of the wire transfers were blocked and funds from the third are believed to have been frozen, according to court documents. Police believe Abdi fled California for New Westminster British Columbia. ®

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
OpenSSL Heartbleed: Bloody nose for open-source bleeding hearts
Bloke behind the cockup says not enough people are helping crucial crypto project
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
Heartbleed exploit, inoculation, both released
File under 'this is going to hurt you more than it hurts me'
Bad PUPPY: Undead Windows XP deposits fresh scamware on lawn
Installing random interwebs shiz will bork your zombie box
Experian subsidiary faces MEGA-PROBE for 'selling consumer data to fraudster'
US attorneys general roll up sleeves, snap on gloves
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.