The City of Oakdale recently discovered it had been the victim of a sophisticated Internet “Phishing” scheme in which a chameleon-type email disguised as appropriate infected a city computer and gained access to the passwords to a checking account held at Oak Valley Community Bank.
The perpetrators siphoned more than $118,000 from the checking account before being discovered.
Undisclosed federal agencies are currently investigating the crime but city officials were not given clearance to share more about the status of the investigation.
City officials staged a press conference on Thursday, Sept. 22 to field questions and provide answers to the public and media.
The press release provided stated in part, “…All City computer systems have been scanned to detect and remove any malicious software such as computer viruses. A firm that specializes in computer network security has been engaged to assure that the City’s information resources are protected…”
“We’re confident it was a computer virus and not an inside job,” Oakdale Police Chief Marty West stated. “We know where the money went but we’re not going to reveal that information.”
Councilmember Jason Howard said the security breach illuminated issues and protocols that need improvement in regards to Internet security.
“We’ve been working through a lot of issues,” Howard said. When asked if the breach could’ve been avoided, he said, “In a perfect world — yes. Admittedly, we could’ve done better.”
Det. Brian Shimmel said the virus was not attained through inappropriate web browsing on the part of the employee.
“It wasn’t because of a website they shouldn’t have been on. It was a phishing scam and it wasn’t a new one but it was fairly sophisticated,” Shimmel said.
Although this is the first time the city has been victimized by this type of crime, there have been 45 reports of identity theft of this nature in 2010.
“It’s becoming more prevalent,” West said.
The city also shared that the money theft wasn’t the only issue.
The press release stated, “…There is a possibility that utility customer information may have been compromised in the commission of this crime…”
Of the 7,000 City of Oakdale utility customers, 600 use the automated payment system. It is those customers who are at the most risk, said Interim City Manager, Greg Wellman.
“We are suggesting people keep a close eye on their accounts,” Wellman advised. “There needs to be a heightened sense of awareness for everyone.”
A hotline has been set up to allow city customers to report any suspicious activity that may be related to this recent breach.
The hotline number is: 209-845-3570; or citizens can email at firstname.lastname@example.org
The hotline will be operational from 8 a.m. to 8 p.m.