Hackers stole $8,156 from the Reidville Fire District’s payroll accounts.
The theft surfaced when six firefighters, including the chief, did not receive a regular direct deposit of their paychecks.
Apparently, the hackers gained access to the department’s payroll portal through an email exchange with accountants in which the hackers spoofed their identity to appear to be fire department personnel.
Source: https://www.firefighternation.com/news/hackers-steal-sc-fire-department-payroll/#gref
TPRM report: https://scoringcyber.rankiteo.com/company/reidville-fire-dept
"id": "rei2220141122",
"linkid": "reidville-fire-dept",
"type": "Cyber Attack",
"date": "09/2022",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of a geographical region"{'affected_entities': [{'industry': 'Emergency Services',
'name': 'Reidville Fire District',
'type': 'Government'}],
'attack_vector': 'Email Spoofing',
'description': 'Hackers stole $8,156 from the Reidville Fire District’s '
'payroll accounts. The theft surfaced when six firefighters, '
'including the chief, did not receive a regular direct deposit '
'of their paychecks. Apparently, the hackers gained access to '
'the department’s payroll portal through an email exchange '
'with accountants in which the hackers spoofed their identity '
'to appear to be fire department personnel.',
'impact': {'financial_loss': '$8,156', 'systems_affected': 'Payroll Portal'},
'initial_access_broker': {'entry_point': 'Email Exchange',
'high_value_targets': 'Fire Department Personnel'},
'motivation': 'Financial Gain',
'post_incident_analysis': {'root_causes': 'Email Spoofing and Social '
'Engineering'},
'threat_actor': 'Unknown Hackers',
'title': 'Reidville Fire District Payroll Theft',
'type': 'Financial Theft',
'vulnerability_exploited': 'Social Engineering'}