Email security, Threat Management

Feds, Kentucky city probe $4M BEC attack theft

The FBI and U.S. Secret Service have joined the government of Lexington, Kentucky, in investigating the business email compromise attack against the city government that resulted in the theft of $4 million in federal housing assistance funds, reports The Record, a news site by cybersecurity firm Recorded Future. An investigation into how the city's internal wire transfer processes were compromised by threat actors is underway but no government employees are currently suspected to be involved with the attack, according to Lexington Mayor Linda Gorton. Sophisticated threat actors were first identified on Aug. 25 to have intercepted emails between Lexington and a local community council, with city officials later determining that the city has already transferred nearly $4 million to the bank accounts of the attackers. Accounts involved in the attack have already been frozen in the evening of the attack's discovery, said Lexington Commissioner of Finance Erin Hensley. Attackers behind the BEC intrusion remain unidentified.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.