Cyber Incident Victim: Cape Cod Community College

Date: Dec 2018

Location: United States of America

Summary

Hackers stole over $800,000 from Cape Cod Community College by infiltrating its bank accounts through a phishing scheme that deployed malware on multiple computers in the Nickerson Administration Building. The breach enabled unauthorized transfers from the institution's accounts, prompting the college president to notify faculty and staff of the financial theft via email.

Description

In early December 2018, Cape Cod Community College experienced a significant cybersecurity incident resulting in the theft of over $800,000 from institutional bank accounts. The breach occurred when attackers successfully compromised several computers located within the Nickerson Administration Building through a phishing scheme. The phishing attack delivered malware that enabled unauthorized access to the college's financial systems. The intrusion remained undetected until the fraudulent transactions were identified, with the funds being siphoned from accounts during the preceding week. On December 7, 2018, college president John Cox formally notified faculty and staff about the incident via email, confirming both the financial loss and the attack methodology. The malware's specific capabilities weren't detailed, but its deployment allowed threat actors to bypass security controls and initiate unauthorized fund transfers. No evidence suggested student data or academic systems were compromised during the attack, with the intrusion apparently focused on financial assets.

The college's administration responded by initiating incident response protocols upon discovery of the unauthorized transfers. President Cox's communication to employees served as the primary official disclosure, though additional notifications to banking partners and law enforcement were implied by the nature of the theft. The attack caused immediate operational disruption, particularly within administrative functions housed in the affected building. Financial impacts extended beyond the direct loss of funds, necessitating forensic investigations and potential account remediation efforts. While the email notification confirmed the attack vector as phishing-enabled malware, it did not specify whether secondary systems were compromised or detail containment measures like system isolation or malware eradication. The incident represented one of the more substantial publicly disclosed cyber thefts targeting a community college at that time, highlighting vulnerabilities in educational institution financial operations. Recovery efforts would have required coordination with financial institutions to trace transactions and implement enhanced security controls for future banking activities.
