The City of Hinesville may be in line to recoup some of its losses after it was hit by a cyber thief earlier this year.
A city finance department staff members received an Feb. 6 from an accounting specialist alleging to be with one of the city’s vendors, with a request to update the city’s ACH (automated clearinghouse) banking information.
“This staff member had been corresponding with the vendor’s office manager and had been discussing two outstanding pay requests,” said city Chief Financial Officer Kim Ryon.
Thirty minutes after an email from the vendor’s office manager, the staff member updated the ACH information. The vendor’s office manager later contacted the city about the status of their pay requests.
“After quick research and review, it was apparent we were the likely victim of fraud,” Ryon said.
City officials called the bank to rescind the most recent transaction, but the bank was not able to do so. The two fraudulent pay requests amounted to more than $620,000.
City Manager Kenneth Howard was notified, and Howard called the Hinesville Police Department, who in turn called the Georgia Bureau of Investigation. GBI agents conducted several interviews and ruled out the fraud happened internally.
Ryon said the GBI agent on their case updated them anytime he received significant information, getting in touch with the city every couple of weeks. He also told the city the Secret Service had gotten involved in the case.
The Secret Service contacted the city in May and said an arrest had been made in Texas on to the city’s case, and Secret Service agents were working on seizing the suspect’s assets.
The Department of Homeland Security sent a letter to the city in late June stating it had seized an account with $52,000 and the city was eligible to recoup some of the funds. City staff completed the forms and documentation that they were fraud victims and those forms have been sent back to the DHS.
Federal officials have told the city they are eligible to regain some of the money lost. But the city does not know how much it can get recouped and how many others were involved in the fraud.
Ryon said the city has strengthened its ACH policy.
“There is a provision that now that any non face-toface request, either initially setting up or changing it, must have a second source of verification,” she said.
Also, a phone number from a secondary source must be provided and city staff has to document from where that number came. There is also now a significant separation of duties, she said, and a detailed checklist to change banking information. No ACHs can be went without Ryon looking at it and approving it.
“If I’m not there,” she said, “it doesn’t get sent.”