Original URL: http://www.theregister.co.uk/2010/01/05/school_district_bank_theft/
Feds investigate theft of $3m from NY school
An epidemic continues
Posted in Security, 5th January 2010 22:42 GMT
Watch Now : Virtual Machine Movement with Hyper-V
The FBI and New York state police are investigating the online theft of more than $3m from a small school district in the western part of the state.
All but $497,200 was eventually recovered after an employee at Norwich, New York-based NBT Bank [1] alerted officials at Duanesburg Central School District to the unusually large overseas transfers and managed to get them reversed. The pilfering happened over a four-day period starting on December 18.
"At this point, they haven't uncovered exactly how the funds were accessed, so that's what they're working on now," said Audrey Hendricks, a spokeswoman for the district.
Tales of multi-million dollar thefts from online bank accounts have become common by now. In November, the FBI estimated that losses to small businesses alone reached $100m as of the end of October. The American Bankers Association and the FBI recently warned small and midsized businesses to limit their online transactions to a single computer that's not used for other activities such as reading email or general web surfing, according to [2] USA Today.
The FBI has investigated more than 200 cases on online bank theft, mostly in 2008 and 2009, in which cybercooks successfully made off with $40 million, the paper reported.
In October, El Reg seconded advice first provided by security reporter Brian Krebs that online banking transactions no longer be carried out using Windows-based PCs [3].
Hendricks, the school district spokeswoman, said three employees were authorized to conduct online transactions, each on a different computer. None of them is considered a suspect in the theft. The district has about 1,000 students and an annual budget of $14.9m. ®