Officials in Portland, Oregon, discovered they lost $1.4 million to fraudulent activity after malicious actors gained access to a government email account.
Preliminary evidence indicates that an unauthorized, outside entity gained access to a City of Portland email account to conduct this illegal activity. Officials identified the breach after they flagged another fraudulent financial transaction attempt from the same account on May 17.
After city officials discovered the incident, a cyber incident response team was immediately activated to investigate the matter, evaluate the extent of the breach, and ensure that technology and policies are in place to prevent any future cybersecurity threats.
An updated notice on the incident said that the malicious actors gained access to a Portland Housing Bureau email account and fraudulently diverted a payment intended for Central City Concern for costs related to the construction of the Starlight, an affordable housing development that was formerly known as the Westwind.
“Although the project is partially funded by the city’s housing bond, no money from that funding source was used in the fraudulent transaction,” city officials said in a statement. “The city is working quickly to ensure Central City Concern receives payment. Construction of the Starlight is expected to remain on schedule, with a projected opening this fall in Old Town.”
An investigation is still underway to discover and hold accountable whoever is responsible for the fraudulent activity, and city officials are still assessing all available avenues to recoup funds.
However, to prioritize security and ensure the integrity of the investigation, city officials said they do not plan on releasing any additional information at this time.
“We are committed to sharing as much information about this incident as possible while protecting sensitive information that could compromise the city’s security,” city officials said.