Cyber Incident Victim: Northwestern University

Date: May 2018

Location: United States of America

Summary

Northwest University experienced a cybersecurity incident where unauthorized actors compromised the chief financial officer’s email account, enabling them to monitor communications covertly. The attackers intercepted a legitimate vendor payment and redirected funds, resulting in a financial loss of nearly $60,000 to the institution.

Description

In May 2018, Northwestern University in Kirkland, Washington, experienced a financial fraud incident stemming from the compromise of Chief Financial Officer John Jordan’s email account. Unidentified attackers gained unauthorized access to Jordan’s account and engaged in covert monitoring of email communications. The perpetrators specifically targeted transactional correspondence related to vendor payments. When a legitimate payment to a university vendor became due, the hackers intercepted the process and altered payment instructions to redirect funds to accounts they controlled. This manipulation occurred without the university’s immediate detection, resulting in the fraudulent transfer of approximately $60,000 intended for the vendor. The attack exhibited deliberate timing and familiarity with institutional payment workflows, suggesting reconnaissance prior to execution.

The incident came to light through a Kirkland Police Department investigation, with KIRO 7 obtaining documents detailing the ongoing probe as of May 4, 2018. Law enforcement characterized the operation as potentially involving multiple suspects working in coordination. Northwestern University suffered a direct financial loss equivalent to the diverted payment amount. No additional compromised systems or secondary financial impacts were disclosed in available records. The institutional response centered on law enforcement collaboration, with detectives actively working to trace the stolen funds and identify perpetrators at the time of reporting. The university did not publicly disclose whether internal security enhancements were implemented following the breach.
