The Manor Independent School District (MISD) in Texas is facing a loss of US$2.3 million after falling victim to a phishing attack. The phishing scam came to light after a school district employee discovered the issue in December 2019 and reported it to the police.
MISD’s notice didn’t reveal any information about the incident. However, in a notice published on Twitter, the MISD stated that the Manor Police Department and FBI are investigating the incident. Anne Lopez, a detective with the Manor Police Department, disclosed a few details about the phishing attack to news outlet KVUE.
Lopez said, “It was three separate transactions. Unfortunately, they didn’t recognize the fact that the bank account information had been changed and they sent three separate transactions over the course of a month before it was recognized that it was a fraudulent bank account. So I think it’s important that any email you get, any phone call you get, that you question everything and make sure you know who you’re talking to directly that you look through every part of that email or any information that they’re providing you, and double-check you have checks and balances in place to make sure that any information provided to you is actually accurate.”
School districts have become an easy target for cybercriminals to launch cyberattacks. Multiple attacks have been discovered and reported on schools in recent times. To address the same, two U.S. Senators, Gary Peters (D-Mich.) and Rick Scott (R-Fla.), both members of the Senate’s National Security and Government Affairs Committee, have tabled a new bill called the “K-12 Cybersecurity Act.”
The Act directs the DHS Cybersecurity and Infrastructure Security Agency (CISA) to first study the cybersecurity risks associated with K-12 educational institutions. Once the study is done, CISA will then be responsible to develop cybersecurity recommendations and set up online tools to help schools with their cybersecurity requirements.