The government of Puerto Rico has revealed it fell victim to an email phishing scam, with the attackers making off with more than $2.6 million in stolen funds.
On February 12, the finance director of the island’s Industrial Development Company, Rubén Rivera, filed a compliant to police, noting the agency wired the funds to a fraudulent account, AP reports.
The transfer purportedly took place on January 17, after the agency received an email which suggested there has been a change to a banking account tied to remittance payments, according to a police statement.
“This is a very serious situation, extremely serious,” Industrial Development Company Manuel Laboy told AP. “We want it to be investigated until the last consequences.”
Laboy kept mum about the details of the cyber heist, so it remains unclear how the agency discovered the swindle or whether someone has been let go following the incident. He did, however, say the agency is conducting an internal investigation to determine if someone was negligent or did not follow proper protocol.
The incident extends the streak of awful hacks suffered by governments around the world in 2019.
Last July, hackers breached Bulgaria’s tax agency and leaked the personal data of nearly 5 million citizens — a shocking amount of people considering the country’s 7-million population. Similarly, Ecuador suffered a breach that exposed the personal data of up to 20 million people.
There was no citizen data leaked in the case of Puerto Rico, so at least that. You know where the $2.6 million of phished funds is going to come out of, though: the people’s pockets. That’s surely not going to help with the country’s 13-year-long recession, either.