[BreachExchange] Feds confirm a compromised email resulted in $1.75 million hack at Brunswick’s St. Ambrose Catholic Parish

Inga Goddijn inga at riskbasedsecurity.com
Wed May 1 09:42:40 EDT 2019


https://www.cleveland.com/crime/2019/04/feds-confirm-a-compromised-email-resulted-in-175-million-hack-at-brunswicks-st-ambrose-catholic-parish.html

The FBI confirmed Tuesday that St. Ambrose Catholic Parish in Brunswick
lost $1.75 million
<https://www.cleveland.com/crime/2019/04/email-hackers-steal-175-million-from-st-ambrose-catholic-parish-in-brunswick.html>
through an email scam whose origin was a compromised business email.

The church released a letter Saturday acknowledging the missing money, but
the federal agency remained mum about its investigation until Tuesday when
it confirmed that hackers tricked the church into believing that the
construction firm hired to repair the church had changed its bank account.
The church wired the money to a fraudulent bank account, Father Bob Stec
said in his letter.

The FBI, which is working in conjunction with investigators from the
Brunswick Police Department, is still investigating and has made no
arrest in the case as of Tuesday afternoon. FBI spokeswoman Vicki Anderson
said she could not provide any additional information about the case.

The FBI says the church fell victim to what it calls a “business email
compromise,” or BEC, in which scammers spoof email accounts and websites
and use malware and phishing emails that appear to come from trusted
sources to gain access to the company’s networks and obtain sensitive
billing information.

“BEC is extremely sophisticated and can utilize various deception
techniques to fool individuals,” Anderson said in a statement released
Tuesday.

St. Ambrose discovered the theft April 17 after Marous Brothers
Construction contacted the church to ask why it had not paid two recent
bills totaling $1.75 million. The bills are related to the church’s Vision
2020 project <https://stambrose.us/vision-20-20-faq/>, which aims to raise
$4 million to repair and restore the church.

The church already works with an IT consultant, but Stec said it
plans to hire another firm to perform a review of its internet security.

He added that the church determined that only its email accounts were
hacked. No other information — including parishioner databases or
financial information for the church’s automatic giving program — was
compromised.