Cyber Incident Victim: Sun Trust Bank
Date:
Jun 2016
Location:
United States of America
Summary
Cybercriminals stole approximately $3.6 million from a Miami Beach City Hall account at Sun Trust Bank by compromising routing numbers and rerouting automated vendor and government payments over several months. The fraud, discovered after significant losses, prompted immediate transaction halts and account replacement, alongside FBI and local law enforcement investigations. Two finance managers resigned amid criticism over inadequate fraud detection, though they were not implicated in the scheme. The compromised account held substantial public funds, including tax revenues and municipal fees, with daily balances reaching up to $144 million, underscoring the severity of the security lapse.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
Between June and December 2016, unauthorized parties stole approximately $3.6 million from a Sun Trust Bank account belonging to Miami Beach City Hall. Attackers compromised the bank account by obtaining its routing numbers and manipulating automated online payment systems designed for municipal transactions. These systems routinely processed payments to vendors and covered government expenses such as utility bills without manual oversight. The fraudulent activity involved rerouting legitimate transactions intended for city payees to accounts controlled by the perpetrators. Daily balances in the targeted account fluctuated between $46 million and $144 million, as it held sensitive public funds derived from parking fees, resort taxes, recreation fees, red light camera fines, and other municipal revenue sources. The theft persisted undetected for approximately six months due to inadequate account monitoring procedures. City officials remained unaware of the compromise until December 19, 2016, when the fraud was finally discovered through unspecified means.
Upon detection, Miami Beach officials immediately halted all transactions through the compromised Sun Trust account and established a new banking account to resume municipal payments. The city formally notified commissioners about the breach via memo on January 9, 2017, disclosing preliminary findings while emphasizing that FBI and local law enforcement investigations remained ongoing. Two senior finance department managers—Treasury Manager Juan Rodriguez and Accounts Payable Director Bryan Scott Wagner—resigned following the incident, though authorities did not suspect their involvement in the theft. City Manager Jimmy Morales attributed the prolonged undetected theft to deficiencies in treasury management and account reconciliation processes, stating that earlier detection could have reduced financial losses. Morales confirmed the city had pressured Sun Trust to implement enhanced fraud control measures to protect other municipal accounts. The stolen funds comprised public tax revenue, heightening the incident's significance beyond the direct financial impact. No public statements confirmed whether any portion of the stolen $3.6 million was recovered or if additional accounts were compromised during the attack timeframe.