Puerto Rico’s government said Friday that it suspended three employees as federal agents investigate an online scam that attempted to steal more than $4 million from the U.S. territory.
Manuel Laboy, executive director of Puerto Rico’s Industrial Development Company, said rigorous procedures were not followed when the agency received an email alleging a change in banking accounts that prompted someone to transfer more than $2.6 million to a fraudulent account in the U.S. mainland last month.
“We do not take this lightly, and there are consequences,” he said.
Laboy declined to share the names and positions of those suspended, saying only that it was one employee from his agency and two from Puerto Rico’s Commerce and Export Company, which sent $63,000 as part of the scam. He added that the FBI has been able to freeze the money sent, which involves public pension funds.
“This situation did not affect and will not affect pension payments to retirees,” he said.
The scam also targeted Puerto Rico’s Tourism Company, which sent $1.5 million, police have said.
José Ayala, director of the fraud unit with the police department’s bank robbery division, said the scam began when someone hacked into the computer of a finance worker at Puerto Rico’s Employment Retirement System in December and sent emails to government agencies. He said government officials realized what had happened when someone at the retirement agency asked why they had not yet received the funds, only to be told they had already been sent.
Ayala said the FBI is investigating how the computer was hacked.
José Quiñones, president of Obsidis Consortia, a nonprofit cybersecurity organization in Puerto Rico, said those types of attacks are common and can be prevented to a certain point.
“No system is 100% safe,” he said, adding that training employees on cyberattacks and keeping software up to date is key.
“This is a well-coordinated attack,” he said. “Where the government failed greatly was in the procedures, not the technology.”

More from Associated Press
- Major Massachusetts Health Insurer Hit by Ransomware Attack, Member Data May Be Compromised
- Biden Picks New NSA Head, Key to Support of Ukraine, Defense of US Elections
- White House Unveils New Efforts to Guide Federal Research of AI
- Meta Fined Record $1.3 Billion and Ordered to Stop Sending European User Data to US
- China Tells Tech Manufacturers to Stop Using Micron Chips, Stepping Up Feud With United States
- ChatGPT’s Chief Testifies Before Congress, Calls for New Agency to Regulate Artificial Intelligence
- Philadelphia Inquirer Hit by Cyberattack Causing Newspaper’s Largest Disruption in Decades
- Executive Fired From TikTok’s Chinese Owner Says Beijing Had Access to App Data in Termination Suit
Latest News
- Industrial Giant ABB Confirms Ransomware Attack, Data Theft
- Organizations Worldwide Targeted in Rapidly Evolving Buhti Ransomware Operation
- Google Cloud Users Can Now Automate TLS Certificate Lifecycle
- Zyxel Firewalls Hacked by Mirai Botnet
- Watch Now: Threat Detection and Incident Response Virtual Summit
- NCC Group Releases Open Source Tools for Developers, Pentesters
- Memcyco Raises $10 Million in Seed Funding to Prevent Website Impersonation
- New Russia-Linked CosmicEnergy ICS Malware Could Disrupt Electric Grids
