Puerto Rico’s government said Friday that it suspended three employees as federal agents investigate an online scam that attempted to steal more than $4 million from the U.S. territory.
Manuel Laboy, executive director of Puerto Rico’s Industrial Development Company, said rigorous procedures were not followed when the agency received an email alleging a change in banking accounts that prompted someone to transfer more than $2.6 million to a fraudulent account in the U.S. mainland last month.
“We do not take this lightly, and there are consequences,” he said.
Laboy declined to share the names and positions of those suspended, saying only that it was one employee from his agency and two from Puerto Rico’s Commerce and Export Company, which sent $63,000 as part of the scam. He added that the FBI has been able to freeze the money sent, which involves public pension funds.
“This situation did not affect and will not affect pension payments to retirees,” he said.
The scam also targeted Puerto Rico’s Tourism Company, which sent $1.5 million, police have said.
José Ayala, director of the fraud unit with the police department’s bank robbery division, said the scam began when someone hacked into the computer of a finance worker at Puerto Rico’s Employment Retirement System in December and sent emails to government agencies. He said government officials realized what had happened when someone at the retirement agency asked why they had not yet received the funds, only to be told they had already been sent.
Ayala said the FBI is investigating how the computer was hacked.
José Quiñones, president of Obsidis Consortia, a nonprofit cybersecurity organization in Puerto Rico, said those types of attacks are common and can be prevented to a certain point.
“No system is 100% safe,” he said, adding that training employees on cyberattacks and keeping software up to date is key.
“This is a well-coordinated attack,” he said. “Where the government failed greatly was in the procedures, not the technology.”

More from Associated Press
- Insider Q&A: Artificial Intelligence and Cybersecurity In Military Tech
- Idaho Hospitals Working to Resume Full Operations After Cyberattack
- Major Massachusetts Health Insurer Hit by Ransomware Attack, Member Data May Be Compromised
- Biden Picks New NSA Head, Key to Support of Ukraine, Defense of US Elections
- White House Unveils New Efforts to Guide Federal Research of AI
- Meta Fined Record $1.3 Billion and Ordered to Stop Sending European User Data to US
- China Tells Tech Manufacturers to Stop Using Micron Chips, Stepping Up Feud With United States
- ChatGPT’s Chief Testifies Before Congress, Calls for New Agency to Regulate Artificial Intelligence
Latest News
- Keep Aware Raises $2.4M to Eliminate Browser Blind Spots
- Google Workspace Gets Passkey Authentication
- Cybersecurity Startup Elba Raises €2.5 Million for Employee-Focused Product
- Zoom Expands Privacy Options for European Customers
- Several Major Organizations Confirm Being Impacted by MOVEit Attack
- Apple Unveils Upcoming Privacy and Security Features
- Verizon 2023 DBIR: Human Error Involved in Many Breaches, Ransomware Cost Surges
- Google Patches Third Chrome Zero-Day of 2023
