Quincy Pension Funds Still Inaccessible After Last Year’s Phishing Attack

Funds that were stolen through a phishing attack a year ago remain lost to the city of Quincy. Let’s review the situation as it stands now… and determine what you need to do to avoid a similar situation from befalling your own organization.

In February 2021, the Quincy Retirement Board Lost $3.5m to a Scam

After being prompted by a scam email, an employee of the city’s pension fund sent a wire transfer containing the $3.5 million. Using a former employee’s hacked email account, the scammer posed as a member of the Board’s staff and convinced the employee to transfer the funds to a third-party bank. 

The board’s attorney released a statement, claiming that the appropriate notifications had been made to the necessary state, federal, and regulatory agencies immediately after the hack was discovered. However, news of the hack wasn’t delivered to the public until much later.

After the discovery of the hack, the board was prohibited from entering in new investments until the investigation closes, with the replenished funds now managed by the Pension Reserves Investment Management Board.

While the Fund Has Been Replenished, the $3.5 Million is Still Missing, Proving How Serious Phishing Can Be

Let’s make one thing clear—this is not a happy ending to the story. There’s still 3.5 million pieces of evidence that phishing works out there, encouraging others to attempt similar crimes.

You need to do whatever you can to avoid this from happening to your business—even on a smaller scale. Due to the nature of phishing attacks, this will require in-depth and ongoing employee training to be sure that they are remaining vigilant against these kinds of attacks and others.

We can help. Reach out to us to find out more about our various cybersecurity services and how they help protect the data you rely on. Call (774) 213-9701 today.