BROKEN BOW, Neb. – Broken Bow Public Schools stated Monday (July 14) that the school was the target of cybersecurity fraud, which resulted in a $1.8 million payment being diverted to a fraudulent account.
The incident occurred early this spring when the school received a phishing email containing false Automated Clearing House (ACH) instructions that appeared to come from a trusted vendor, resulting in the payment intended for a construction contractor working on the school’s bond construction project to be sent to scammers.
Broken Bow Public Schools Superintendent Darren Tobey told KCNI/KBBN that a full investigation was immediately launched after suspicion was raised, which included the Federal Bureau of Investigation (FBI), the Nebraska State Patrol, and the United States Secret Service.
With the assistance of those authorities, Tobey said that nearly $700,000 of the money has been recovered to date. He added that the school is continuing to work with the authorities in addition to their attorneys and insurance to attempt to recover the approximately $1.1 million in remaining funds.
A release from the school indicated the following regarding questions about impact and assurance:
– The construction project will continue as planned without interruption
– There will be no tax increases to cover the financial shortfall
– The district remains in a strong financial position due to careful planning and conservative budgeting
– New protocols and safeguards were immediately implemented in the district office regarding wire/ACH transfers and financial transactions to prevent a similar event
The release continued by saying that the school “takes full responsibility for the fact that the safeguards were not in place, as well as full responsibility for the unfortunate circumstance,” adding that a public statement was not made earlier in order to allow law enforcement officials the time to conduct an investigation.
The full release from the school regarding the incident can be read below:
