In May, 2012, Kingsport, Tenn.-based Tennessee Electric Company Inc was the target of a corporate account takeover that saw cyber thieves use a network of more than four dozen money mules to siphon $327,804 out of the company’s accounts at TriSummit Bank.
According to Brian Krebs, TriSummit was able to claw back roughly $135,000 of those unauthorised transfers, leaving Tennessee Electric with a loss of $192,656. Earlier this month, the company sued TriSummit in state court, alleging negligence, breach of contract, gross negligence and fraudulent concealment.
According to the complaint, the attackers first struck on May 8th, after Tennessee Electric’s controller tried, unsuccessfully, to log into the bank’s site and upload that week’s payroll batch (typically from $200,000 to $240,000 per week). When the controller called TriSummit to inquire about the site problems, the bank said the site was probably undergoing maintenance and that the controller was welcome to visit the local bank branch and upload the file there. The controller did just that, uploading four payroll batches worth $202,664.47.
