In August 2015, the US networking firm disclosed that cyber attackers stole USD $46.7 million using a business email compromise attack in which attackers pretend to be executives at the victim company to initiate unauthorised international wire transfers to bank accounts controlled by the attackers.
The company were originally alerted to the potential fraud by the Federal Bureau of Investigation who had been monitoring suspicious, large transactions out of the company's subsidiary's bank accounts in Hong Kong.
The incident ultimately resulted in the loss of USD $39.1 million (initially USD $46.7 million was misappropriated which represented 10% of the company's cash position at that time) as some of the misappropriated funds were recovered.
The event was exacerbated by organisational changes at senior management level and an inadequate control environment across their accounting team's operations.
Want to discuss this case? We're offering a FREE 20 minute phone consultation to discuss this case and the implications it has for your organisation. Just select the time and date that works for you:
We offer a range of cost-effective, fixed-price training programmes and consultant services derived from the unique insights gained from all our case study data.
If you'd rather we did the heavy lifting in developing a cyber incident response plan or lessons learnt training for your organisation underpined by our unique insight into the challenges faced and strategies implemented by organisations countering today's cyber security threats then please contact us here.
We've done the analysis so you can make the decisions