Cyber Incident Victim: Chester Upland School District

Date: Dec 2020

Location: United States of America

Summary

The Chester Upland School District suffered a business email compromise (BEC) attack in which threat actors, including an individual linked to Nigeria, infiltrated its email system and created a fraudulent mirror account impersonating an employee. Using this access, the perpetrators sent an official-looking request to divert approximately $3 million in state education funds to a bank account controlled by a Florida-based "money mule," who was herself manipulated through a romance scam. The theft was partially thwarted by intervention from the Department of Treasury, preventing further financial losses.

Description

In December 2020, Chester Upland School District in Pennsylvania fell victim to a business email compromise (BEC) scheme involving unauthorized access to its email systems. An attacker associated with Nigeria infiltrated the district’s email infrastructure and created a fraudulent "mirror" account replicating an employee’s legitimate email address. Using this impersonated account, the threat actor sent an official-looking email request to the Pennsylvania Department of Education, directing the diversion of state funds intended for the school district. The fraudulent communication successfully deceived authorities into transferring approximately $3 million in public education funds. A Florida-based individual, later identified as a "money mule," facilitated the movement of stolen funds after being recruited through a separate romance scam orchestrated by the attackers. The theft targeted scheduled disbursements from state coffers to the district over the fiscal year.

Delaware County District Attorney Jack Stollsteimer publicly disclosed the incident on August 26, 2022, confirming the theft’s international origins and the money mule’s unwitting involvement. The Department of Treasury intervened during the attack, preventing additional financial losses beyond the confirmed $3 million. No technical details regarding the initial email system breach, detection methods, or containment procedures were disclosed in available reports. The incident impacted the district’s operational funding stream, though specific consequences such as service disruptions or recovery costs were not quantified. Law enforcement emphasized the exploitation of both technical vulnerabilities and human manipulation through the romance scam to execute the financial fraud.
