Scammer Steals $1.4 Million from the City of Portland

Bitdefender Purchase

The City of Portland in Canada has disclosed a cybersecurity breach that resulted in a fraudulent transaction of over $1.4 million. An investigation is underway to find the perpetrator.

In a press release issued May 27, the City of Portland announced it discovered a breach that led to a fraudulent financial transaction of approximately $1.4 million in late April, using City funds.

“This incident was identified after the City flagged another fraudulent financial transaction attempt from the same account on May 17,” the City said. “Preliminary evidence indicates that an unauthorized, outside entity gained access to a City of Portland email account to conduct this illegal activity.”

“​​A cyber incident response team was immediately activated to investigate the matter, evaluate the extent of the breach, and ensure that technology and policies are in place to prevent future cybersecurity threats,” according to the announcement.

Portland has tapped the FBI, the U.S. Secret Service, and the Portland Police Bureau to help with the investigation.

In an update issued June 1, the City of Portland reveals that the breach likely occurred in a typical Business Email Compromise (BEC) attack, where the attacker tricks a person in command to issue funds to a fake entity in their control.

“In April, an unauthorized, outside entity gained access to a Portland Housing Bureau email account and fraudulently diverted a payment intended for Central City Concern for costs related to the construction of the Starlight, an affordable housing development formerly known as the Westwind,” according to the announcement. “The fraudulent transaction resulted in the theft of $1.4 million in City of Portland General Fund dollars.”

No money from that funding source was used in the fraudulent transaction, the City says, despite the project being partially funded by the City’s housing bond. Construction of the Starlight is “expected” to remain on schedule, as the City works to ensure Central City Concern receives the actual payment.

Portland says it will disclose more information about the attack “in the coming week.”

In early May, the FBI issued a public service announcement acknowledging that BEC scams continue to evolve, targeting entities of any size indiscriminately. Between July 2019 and December 2021 the was a 65% increase in identified global exposed losses, the Bureau said.