Cybercriminals wrench $6.4M from Pipefitters Local 537
Pipefitters Local 537 has fallen victim to a cyberattack, as thieves recently stole more than $6 million from the Dorchester union’s health fund.
The feds are investigating the cybercrime, and law enforcement is “optimistic” that they’ll be able to return the vast majority of the $6.4 million in stolen funds, according to Daniel O’Brien, business manager/financial secretary-treasurer of Pipefitters Local 537.
O’Brien reassured union members that this theft will not impact their benefits “in any way,” and there’s no evidence that any member information was stolen or compromised.
“This is very unfortunate news; but please be assured that nothing about your benefits with Local 537 has changed and our Health Fund remains well-funded,” O’Brien wrote in an update to union members.
“… It has been reiterated throughout the investigation to remind our membership to be mindful of what we put out online and on social media, as these are easy places for cybercriminals to gain information and locate potential targets,” he added.
Three weeks ago, the Fund Office learned that it had been the victim of a social engineering cyberattack, resulting in the theft of $6.4 million from the health fund.
The Fund Office immediately contacted legal counsel, filed a cybercrime report with the FBI, filed a report with the Boston Police, contacted the Fund’s cybersecurity provider to take emergency measures, and contacted the Fund’s cyber insurance company.
The Board of Trustees retained a cybersecurity forensic investigator immediately, who began investigating the breach in addition to the investigations of the FBI and the U.S. Secret Service. The Department of Labor reached out to the Fund’s attorney about the theft. The Board of Trustees has filed claims on the funds’ cyber insurance policies.
“Federal law enforcement cannot give us much information at this time, due to the ongoing criminal investigation,” O’Brien wrote. “However, they are optimistic that most of the stolen funds will be returned to the Health Fund. The Fund’s private investigators and cybersecurity company have also completed their review of the Fund Office’s email server and concluded that there was no breach or hack.”
The Trustees have arranged for advanced cybersecurity training for all employees. Also, strict Fund wiring policy changes have been implemented, now requiring at least two Fund staff members to confirm wire instructions and receipt of funds within 24 hours via a phone call to a trusted number.