Boston union loses $6.4M in cyberattack

Pipefitters Local 537's health fund was targeted in the 7-figure scheme

A cyberattack on a Boston-based labor union’s health fund resulted in the loss of $6.4 million, but it does not appear that the personal information of members was stolen or compromised, union officials said.

Federal and local law enforcement agencies were notified of the attack at Pipefitters Local 537 that was discovered Feb. 7 and the union retained a cyber security forensic investigator, union business manager/financial secretary-treasurer Daniel O’Brien said in a message to members.

"This is very unfortunate news; but please be assured that nothing about your benefits with Local 537 has changed and our health fund remains well-funded," O’Brien wrote.

MASSACHUSETTS SCHOOL DISTRICT HIT BY CYBERATTACK

Law enforcement is "optimistic" that they will be able to return the vast majority of the stolen funds, he said. The fund is also insured.

The FBI in Boston declined to comment.

A Boston pipefitters union was the target of a cyberattack where over $6.4 million was stolen.

O'Brien described the breach as a social engineering cyberattack and said private investigators and a cybersecurity company have completed a review of the fund office’s email server and concluded that there was no breach or hack.

Employees are receiving advanced cybersecurity training and changes have been made to the health fund's wiring policy.

CYBER ATTACK ON MAJOR HOSPITAL SYSTEM COULD AFFECT 20 MILLION AMERICANS

"In closing, it has been reiterated throughout the investigation to remind our membership to be mindful of what we put out online and on social media, as these are easy places for cybercriminals to gain information and locate potential targets," O'Brien said.

The union has about 3,000 members and represents pipefitters, welders and HVAC-refrigeration workers.

CLICK HERE TO GET THE FOX NEWS APP

Government agencies, businesses, health care organizations, and school systems around the world have been the targets of cyberattacks recently. In September, the Justice Department charged three Iranian citizens with ransomware attacks that targeted power companies, local governments and small businesses and nonprofits.

Load more..