1 min read

Hacker Steals $7.5 Million from Maryland Non-Profit by Compromising Employee"s Personal Computer

Silviu STAHIE

September 04, 2020

Hacker Steals $7.5 Million from Maryland Non-Profit by Compromising Employee"s Personal Computer

A hacker stole $7.5 million from the endowment funds of The Jewish Federation of Greater Washington, a non-profit from Maryland in the US.

Such security incidents perfectly illustrate the dangers of working from home, as the hacker compromised the personal computer of an employee working remotely. CEO Gil Preuss made the announcement in a virtual call with employees, according to a report from The Washington Post.

While the FBI is now investigating, the agency refused to comment. The little information shared by the non-profit indicates that other funds belonging to the organization remained untouched.

The hack was only discovered on August 4 by a security contractor who noticed unusual activity in an employee”s email account. Preliminary information shows the hacker had access to the system long before stealing the money, as early as the first months of summer.

The organization has only 52 employees, and they are no longer allowed to use personal computers for work. The investigation continues as the security specialists take a closer look at systems and servers. An audit will determine if the hacker compromised or stole more than $7.5 million.

“It is all heartbreaking and devastating in so many ways,” said Preuss. “It”s the combination of how could this happen, how could it be prevented and how do we make sure we can still focus on the critical issues in front of us.”

With so many people working from home, cybersecurity has become the new challenge of IT departments. It”s difficult enough to secure corporate-issued hardware, let alone the personal computers and devices of employees.

Such incidents are rarely random, with threat actors directly targeting people within organizations who have access to financial accounts. Not using personal devices for work should be the bare minimum for a company or non-profit with people working remotely. A close second is mandatory cybersecurity training for employees.

tags


Author



Right now

Top posts

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

July 16, 2021

3 min read
How to protect yourself against cyberstalking

How to protect yourself against cyberstalking

July 06, 2021

2 min read
The Top Five Security Risks Smartphone Users Face Today

The Top Five Security Risks Smartphone Users Face Today

July 02, 2021

4 min read
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

July 02, 2021

3 min read
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

June 30, 2021

2 min read
Mobile security threats: reality or myth?

Mobile security threats: reality or myth?

June 13, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

FBI Warns that Tokyo 2020 Summer Olympics Is Prime Target for Cyberattacks FBI Warns that Tokyo 2020 Summer Olympics Is Prime Target for Cyberattacks
Silviu STAHIE

July 27, 2021

1 min read
Patch your iPhones and Macs against "actively exploited" zero-day right now Patch your iPhones and Macs against "actively exploited" zero-day right now
Graham CLULEY

July 27, 2021

2 min read
Fraud Family cybercrime ring under the spotlight as arrests made in the Netherlands Fraud Family cybercrime ring under the spotlight as arrests made in the Netherlands
Graham CLULEY

July 23, 2021

3 min read