Cyber Incident Victim: Broken Bow Public Schools

Earlier this spring, Broken Bow Public Schools received a sophisticated phishing email that contained false payment instructions related to an ongoing construction project. The email appeared to come from a trusted vendor, leading the district to authorize a payment that was directed to a fraudulent account. As a result, approximately $1.8 million was transferred out of the district’s funds. Upon discovering the unauthorized transfer, the district launched an internal investigation and promptly engaged the FBI, Nebraska State Patrol, and the U.S. Secret Service.

Through the collaborative investigation, the district has reported recovering nearly $700,000 of the stolen amount. Simultaneously, the school is working with its insurance provider to pursue recovery of the remaining funds. In response to the incident, the district has implemented new security protocols and measures within its office environment to reduce the risk of similar phishing attempts. Leadership has communicated that construction projects will proceed without interruption, that no tax increases will be needed to address the financial shortfall, and that the district’s overall financial position remains strong due to prior planning and budgeting.

The release emphasized the district’s commitment to keeping the community informed and taking every possible step to safeguard public funds, while accepting full responsibility for the lack of safeguards that allowed the breach to occur. It also noted that the decision to delay a public statement was made to avoid interfering with the ongoing law enforcement investigation. The district concluded by affirming its dedication to preventing future incidents through the newly adopted security measures.