Attackers distributed fifteen emails to bank employees which appeared to originate from a reputable source. Just one employee clicked on the attachment but that was sufficient for the hackers to to transfer USD $171 million from the bank.
Initially transferred from their accounts at Citigroup and J.P. Morgan in New York, the recovery process necessitated a seven country hunt (spearheaded at top levels of government) to reverse the theft.
Fortunately the bank's manual control environment detected the fraud quickly and funds were recovered in full within 60 hours of discovery.
Want to discuss this case? You can purchase a 30 minute conference call with our analysts to discuss this case and the implications it has for your organisation. Just select the time and date that works for you: