School District Bank Heist

About the Online Theft of Funds from a Duanesburg Central School District Bank Account

Over the course of three business days, from Dec. 18-22, a series of attempts were made via online access to steal approximately $3.8 million from a Duanesburg Central School District bank account with NBT Bank. Of that amount, approximately $3 million was transferred—some of which was ultimately deposited in overseas bank accounts. To date, approximately $2.5 million has been recovered. Efforts are still underway to catch the person or people responsible and recover the remaining $497,200 in Duanesburg taxpayer funds. This is an ongoing and active investigation involving the Federal Bureau of Investigation (FBI) and the New York State Police.

What exactly happened?

On Friday, Dec. 18, an unauthorized electronic transfer of $1,862,400 was made from a Duanesburg Central School District NBT Bank account to an overseas bank.

On Monday, Dec. 21, several different unauthorized electronic transfers totaling $1,190,400 were made to multiple overseas locations.

On Tuesday, Dec. 22, a third attempt to make unauthorized electronic transfers totaling $758,758.70 to multiple overseas locations was flagged for abnormal activity by a bank representative, who notified the district’s business official. Upon confirmation from the district that the request was indeed unauthorized, NBT Bank denied the pending Dec. 22 transactions. At this time, the two previous transactions were also discovered. The FBI was contacted and launched a criminal investigation.

To prevent any district bank accounts from being further compromised, the district closed all of its bank accounts and established new ones with restricted online access.

District officials have been working collaboratively with NBT Bank, the FBI and the State Police Cyber Crime and Critical Infrastructure Unit to assist in efforts to recover the funds and investigate who is behind this cyber crime. At this time, $2,555,600 of the $3,052,800 transferred has been recovered.

Efforts are still underway to identify and arrest the person or people responsible and recover the remaining $497,200 that was stolen from the district’s bank account.

How did this happen?

The district is the victim of a cyber crime, which is a growing problem for individuals and organizations around the world. The FBI and the New York State Police are still actively investigating this incident to identify and arrest the person or people responsible. At this time, we do not have any more information on how this happened and do not expect to have any more information to share until the investigation concludes.

Will the district be able to recover the lost funds?

Of the $3 million dollars that was illegally transferred to overseas bank accounts, $2.5 million has already been recovered. The district is optimistic that it will be able to recover the remaining $497,200 in stolen funds and will aggressively pursue all available avenues as the investigation unfolds.

What steps have been taken to improve security of the school district’s bank accounts?

While no organization can make itself 100 percent immune from Internet crime, in response to this situation, the district has restricted online access to all of its bank accounts and is requesting that all payments be sent and received via paper check until further notice. A separate transfer account will be designated to handle payments that cannot be made by check. In addition, the district called in its external auditor to reconcile bank statements with all transactions and activity for the month of December, in keeping with its current practice of reconciling bank records on a monthly basis. The external auditor will also begin conducting a biweekly review of all cash transactions and bank activity.

What if the remaining missing funds cannot be recovered?

The district remains hopeful that the outstanding funds will be recovered and is committed to pursuing all possible avenues to recover the money depending on the outcome of the investigation. The Board of Education and district officials are going to be reviewing all options to minimize the effect on taxpayers and students while maintaining the long-term financial stability of the district.

Has any other confidential or financial information been compromised?

It does not appear that any additional information has been compromised at this time.

Did the Comptroller’s Audit make recommendations dealing with this situation?

No. The New York State Comptroller’s Audit released in February 2008, for the period of July 2005 through June 2007, included recommendations to improve policies and procedures for purchasing and claims processing as well as the segregation of duties in the area of payroll. With regard to information technology, the report recommended that the district develop a formal disaster recovery plan and investigate the feasibility of storing back-up data off-site. All of the comptroller’s recommendations were implemented at that time. Nothing in the audit report pointed to any areas of concern regarding access to or the security of bank accounts. View the entire audit report, which is posted on the Comptroller's Web site as a PDF.

Source: http://www.duanesburg.org/news/0910/cybercrimeqanda.htm