Eagle Mountain City loses $1.13 million in cybercrime
Sep 12, 2022, 9:33 AM | Updated: 7:30 pm
EAGLE MOUNTAIN, Utah — Eagle Mountain City was the victim of an organized cybercrime resulting in the loss of nearly $1.13 million.
According to a press release from the city, “This crime was orchestrated through an email impersonation wherein the individual(s) responsible were able to portray themselves as a representative of a vendor working closely with the City on a major infrastructure project.”
Tyler Maffit, the city’s communications manager, said the cyber crooks inserted themselves into an ongoing email thread between Eagle Mountain employees and the company working on a road construction project.
“They were able to set it up in a convincing way to our city staff — who has many, many years of public service and financial oversight — to wire them funds of a significant amount,” he said.
The city immediately took action, contacting the FBI and Utah County Sheriff’s Office as well as the vendor within minutes of learning of the incident on Aug. 31.
Further investigation revealed the amount stolen was transacted through an Automated Clearing House transfer.
“By the time we discovered it, these criminal perpetrators, who are quite advanced, have chopped the money up 10 different ways, and the likelihood of recovery from those responsible for stealing it is unlikely,” Maffitt said.
Since the incident, Eagle Mountain City has spent “significant time strengthening its financial policies regarding ACH payments.”
The changes made are designed to prevent future incidents and add a layer of accountability for city staff when completing financial transactions.
“This was very unfortunate, but we’re taking it seriously and we’re taking strong action to ensure it doesn’t happen again,” Maffitt said.
Fortunately, the release explains that the city had previously prepared for the possibility of a cybercrime and has an insurance policy that relates specifically with cybercrimes.
“Eagle Mountain City is working with the insurance company to be reimbursed for the loss.”
The city reassured that no client, resident, or vendor information was compromised as a result of the cybercrime.
The crime is currently under investigation, and at this time, no city or vendor employees are under suspicion of wrongdoing.