Feeds

Feds investigate theft of $3m from NY school

An epidemic continues

Reducing security risks from open source software

The FBI and New York state police are investigating the online theft of more than $3m from a small school district in the western part of the state.

All but $497,200 was eventually recovered after an employee at Norwich, New York-based NBT Bank alerted officials at Duanesburg Central School District to the unusually large overseas transfers and managed to get them reversed. The pilfering happened over a four-day period starting on December 18.

"At this point, they haven't uncovered exactly how the funds were accessed, so that's what they're working on now," said Audrey Hendricks, a spokeswoman for the district.

Tales of multi-million dollar thefts from online bank accounts have become common by now. In November, the FBI estimated that losses to small businesses alone reached $100m as of the end of October. The American Bankers Association and the FBI recently warned small and midsized businesses to limit their online transactions to a single computer that's not used for other activities such as reading email or general web surfing, according to USA Today.

The FBI has investigated more than 200 cases on online bank theft, mostly in 2008 and 2009, in which cybercooks successfully made off with $40 million, the paper reported.

In October, El Reg seconded advice first provided by security reporter Brian Krebs that online banking transactions no longer be carried out using Windows-based PCs.

Hendricks, the school district spokeswoman, said three employees were authorized to conduct online transactions, each on a different computer. None of them is considered a suspect in the theft. The district has about 1,000 students and an annual budget of $14.9m. ®

Mobile application security vulnerability report

More from The Register

next story
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Microsoft: You NEED bad passwords and should re-use them a lot
Dirty QWERTY a perfect P@ssword1 for garbage websites
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
NUDE SNAPS AGENCY: NSA bods love 'showing off your saucy selfies'
Swapping other people's sexts is a fringe benefit, says Snowden
Own a Cisco modem or wireless gateway? It might be owned by someone else, too
Remote code exec in HTTP server hands kit to bad guys
British data cops: We need greater powers and more money
You want data butt kicking, we need bigger boots - ICO
Crooks fling banking Trojan at Japanese smut site fans
Wait - they're doing online banking with an unpatched Windows PC?
NIST told to grow a pair and kick NSA to the curb
Lrn2crypto, oversight panel tells US govt's algorithm bods
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Mobile application security vulnerability report
The alarming realities regarding the sheer number of applications vulnerable to attack, and the most common and easily addressable vulnerability errors.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.