Almost half a million dollars was diverted out of the city of Tallahassee’s employee payroll Wednesday after a suspected foreign cyber-attack of its human resources management application.
Hackers attempt every day to breach the city’s security, officials say, but this week's operation netted about $498,000.
The employees have all been paid, said city spokeswoman Alison Faris, and officials are working to determine the hack’s origins.
“Early indication is that it was possibly initiated outside of the U.S.,” Faris said in an email.
The out-of-state, third-party vendor that hosts the city's payroll services was hacked and as a result the direct deposit paychecks were redirected. Employees throughout the city’s workforce were affected.
The city is working with its bank to recover the money and already has recouped 25 percent of the missing funds. It is also in touch with its insurance company and law enforcement to pursue criminal charges.
Officials learned of the security breach when the city's bank contacted them and employees awoke to notice they had not been paid. This is the second time in a month the city's online security has been compromised.
Last month, a Dropbox link was sent out from the email account of City Manager Reese Goad. The phishing email, which originated externally, contained a virus. It is unclear how many people the email went to, but there does not appear to be any lingering impacts, officials said.
Faris said the two attacks do not appear to be related, but IT professionals say phishing attempts can often garner passwords and other data that give hackers the tools to strike.
“Usually the way they get in is through email," said Blake Dowling, president of technical support and cyber security company Aegis Business Technologies. “Those happen all the time. If you’re not trained to be on the lookout for something, about how that may look or feel or the implications, it can bring your city to a crawl.”
Karl Etters, Tallahassee Democrate, April 5, 2019