Cyber Incident Victim: City of El Paso
Date:
Nov 2016
Location:
United States of America
Summary
The City of El Paso fell victim to a phishing scam where perpetrators impersonated a legitimate vendor, fraudulently obtaining two payments totaling approximately $3.3 million intended for a streetcar project. The first transfer of $300,000 was identified by the Comptroller’s Office, prompting internal controls and law enforcement involvement, followed by discovery of a second unauthorized payment of $2.9 million during the investigation. Collaborative efforts with financial institutions and authorities enabled partial recovery of funds—$292,000 from the initial loss and $1.6 million from the larger sum. While officials confirmed no additional compromised payments, they withheld operational details to avoid hindering the ongoing FBI and police investigation and maximize further financial recovery. Public disclosure was initially delayed based on law enforcement guidance to protect investigative integrity.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In early October 2016, the City of El Paso Comptroller’s Office detected irregularities suggesting the municipality had fallen victim to a phishing scam involving approximately $300,000 intended for its streetcar project. Fraudsters impersonated a legitimate vendor through email communications, successfully redirecting payments to fraudulent accounts. The city implemented internal controls upon discovery and notified law enforcement agencies. During subsequent investigations, authorities identified an additional $2.9 million in misdirected funds, bringing total losses to $3.3 million. The Camino Real Regional Mobility Authority (CRRMA) collaborated with city officials in confirming the expanded scope of the financial diversion. Recovery efforts led by banking institutions and law enforcement successfully reclaimed $292,000 from the initial $300,000 payment and approximately $1.6 million from the larger $2.9 million transaction, leaving roughly $1.5 million unrecovered as of early November 2016.
City officials publicly disclosed the incident on November 2, 2016, during a press conference attended by Mayor Oscar Leeser, City Manager Tommy Gonzalez, City Attorney Sylvia Borunda Firth, and multiple city representatives. The delayed public notification followed law enforcement guidance to preserve investigative integrity and maximize fund recovery potential. El Paso Police and the FBI assumed primary investigative roles, though authorities withheld specific details about the attack methodology, internal control failures, or potential accountability measures to avoid compromising ongoing efforts. Mayor Leeser confirmed comprehensive reviews of all vendor payments found no additional compromises beyond the identified streetcar project transactions. City leadership emphasized operational control of the situation while acknowledging unresolved investigative questions, with Gonzalez publicly reassuring citizens about incident containment despite the unrecovered funds and pending law enforcement outcomes.