Thursday, October 8, 2020

Town of Franklin: Spear Phishing Attack Announcement

October 8, 2020

To:    Town of Franklin Residents
From: Jamie Hellen, Town Administrator

The Town of Franklin is cautioning all residents and employees to be mindful of the sharp increase in malicious cyber fraud and email phishing attempts. The Town of Franklin is announcing today that it has itself been the victim of a recent “spear-phishing” attack. A payment of $522,000 was misdirected to a third party.

The matter has been turned over to the Franklin Police Department who are working with state and federal authorities, for a complete criminal investigation. In addition, the Town has retained as special counsel in connection with this matter an attorney to coordinate and work with the authorities on this matter. Attorneys for the Town have requested there be no further comment on the investigation until the appropriate time when all of the facts have been gathered and the Franklin Police Department has completed its investigation.

I have been reassured that Franklin’s electronic data is secure. There is currently no evidence of a breach of our systems. All personal information, accounts and town software systems have been found not to be compromised. The incident was not a ransomware attack.

I also wish to note that this incident has not affected the Town’s general fund. It occurred in connection with a non-general fund account. The Town is implementing new procedures and protocols to limit future incidents of this type and urges all to guard against increased fraud.

For further resources and information on cyber-crime, threats and spear-phishing, please visit the Federal Bureau of Investigation’s (FBI) cyber-crime website here:
https://www.fbi.gov/investigate/cyber

--------------

Shared via ToF Twitter account   https://twitter.com/TOFranklinMA/status/1314341421135147013   which contained the following PDF  https://www.franklinma.gov/sites/g/files/vyhlif591/f/uploads/2020-10-08_spear_phishing_attack_announcement_.pdf

 

Town of Franklin: Spear Phishing Attack Announcement
Town of Franklin: Spear Phishing Attack Announcement

 

6 comments:

  1. No a good look for Franklin especially coming off the primary problem.

    Ken Norman

    ReplyDelete
  2. Totally unrelated but bad news is just that, bad

    ReplyDelete
  3. Doesn't the town have up to date cybersecurity measures and training in place for its employees? There is literally no reason this should have happened.

    ReplyDelete
    Replies
    1. they do regular training, and they do have processes in place. In the cyber world unfortunately, the nefarious folks are usually a step ahead.

      Delete
  4. What difference does it make if it's a general fund or non general fund account. The money is just as gone.

    ReplyDelete
    Replies
    1. it still may be recovered... and if not, covered by the insurance policy... so not all is lost. Do need to tighten controls for sure..

      Delete