British oil and gas company Zephyr Energy says someone stole £700,000 (about $1 million) from its US-based subsidiary by redirecting a contractor’s payments to a hacker-controlled account.
In a regulatory filing In a filing with the London Stock Exchange on Thursday, the company said it was “working with the relevant banks and advisors to attempt to recover the diverted funds.”
Although the company did not reveal how the incident occurred, hackers have been known to break into email inboxes or accounting systems and use that access to alter bank account and routing numbers during the process of paying someone or clearing an invoice. known as business email agreement attacks, the FBI said in its most recent Annual report published on Internet cyber crime Earlier in April it said these attacks remained one of the top sources of financial loss, with victims losing a total of more than $3 billion through 2025.
Zephyr says its incident has been contained and its operations are continuing as normal.
As for the attack, the company said it used “industry standard practices” for its technology and payments platforms, but said it had implemented “additional layers of security” following the incident.
A Zephyr spokesperson did not respond to an email requesting comment about the incident.
(via register)
