City Of Tallahassee Looses Almost Half A Million In Payroll Scam

Cyber-attacks and phishing scams are everywhere. With each new headline in the news, it looks as if cybercriminals are getting bolder and more sophisticated with their scams every day. No matter how secure you might think you are, even seasoned IT professionals have fallen prey to some of the more clever attacks.  

The Tallahassee Democrat reported earlier this month that the city of Tallahassee lost nearly a half a million dollars from a hacking attack that authorities believe came from a foreign source. City officials say that although hackers attempt to breach security for the city on a daily basis, this one was successful in netting approximately $498,000.

City spokeswoman Alison Faris said in an emailed statement to the paper that the city uses an out of state, third-party vendor to host its payroll. The vendor’s system was hacked and employee payroll was redirected. Many Tallahassee city workers were affected.

Recovery efforts are underway, so far the bank which services the city’s account and the city of Tallahassee has been able to recover about a fourth of the missing payroll. Law enforcement authorities and the city’s insurance provider are also investigating the case and will likely pursue criminal charges in the matter.

Blake Dowling, president of Aegis Business Technologies, which provides technical support and cyber-security told reporters, “Usually the way they get in is through email.” Dowling went on to explain that cyber-attacks can be hard to recognize. It can be something as seemingly insignificant and routine as a browser or document that is slow to load. Even networks that are thought to be secure can fall victim to such attacks.

Once cybercriminals gain access to a system, they can install malware that acts as a keystroke logger to gain access to passwords. They then use this information to lock down a system and hold it for ransom. In February of this year, Tallahassee’s internet service provider had to pay a ransom of $6,000 in order to get the city’s operations back online.