The Federal Bureau of Investigations is investigating an attempt by hackers to withdraw money late last year from bank accounts held by the Midcoast Regional Redevelopment Authority.
MRRA executive director Steve Levesque said Friday that the hackers attempted to withdraw $100,000 from one account at Bath Savings Institution and $25,000 from a payroll account earlier this month.
Fortunately, he said, “a checks and balances system” thwarted their efforts.
“The way it works is, if we request a transfer of funds, my CFO Jeff [Jordan] sends the bank an email and then I have to confirm it, and they follow up with a phone call,” Levesque said from a trade show in Florida. “[The bank] got an email that didn’t look right, and we said, ‘No, we didn’t request that.’”
MRRA employees have all changed their passwords since then, he said.
“They got into our emails and found an email where we had requested a transfer and me confirming it, and they were able to try to replicate that with the bank,” he said. “The good news is it was an attempt and it was unsuccessful.”