Baltimore has suffered a major financial setback after cybercriminals diverted vendor payments worth ₹12.45 crore through a sophisticated cyberattack. According to a recent report from the Office of the Inspector General, attackers gained access to a vendor’s account in the city’s electronic Workday system and altered banking details to reroute payments.
The fraudulent transfers included one payment of $803,384.44, approximately ₹6.67 crore, and another of $721,236.60, about ₹5.99 crore. The theft only came to light when a bank flagged concerns about one of the payments, by which time the funds had already been stolen.
Inspector General Isabel Cumming said the hackers showed planning and precision. “They had enough knowledge to change one thing and after they changed one thing, they waited and reached out and changed the second part.”
The report also highlighted human error and weak verification processes as key factors that enabled the theft. The city’s Accounts Payable Director admitted that safeguards for verifying vendor account details were not strong enough.
Further delays in response occurred because the contact information for the Baltimore Police Department’s Cybercrime Unit was outdated, which meant it took almost a week for the matter to reach law enforcement. Cumming stressed the importance of quick action in such cases, adding, “Time is of the essence… Sometimes we need to be old school — trust but verify.”
Authorities have confirmed that Baltimore has not been able to recover the full amount. Nearly $800,000, equal to around ₹6.64 crore, remains missing. The Inspector General’s office has launched an investigation, while law enforcement agencies continue to pursue leads. In the meantime, the city has introduced stricter safeguards within its financial systems to prevent similar incidents.
The case has drawn attention to the growing risk of vendor payment fraud and business email compromise schemes, which exploit weaknesses in electronic payment platforms. Experts point out the need for stronger vendor verification procedures, multi-factor authentication in ERP and Workday systems, regular cyber awareness training, and updated contacts with cybercrime authorities.
For Baltimore, this attack has become not only a financial loss but also a reminder of the urgent need to strengthen defences against increasingly advanced cybercriminal strategies targeting city administrations.
Also read: Viksit Workforce for a Viksit Bharat
Do Follow: The Mainstream formerly known as CIO News LinkedIn Account | The Mainstream formerly known as CIO News Facebook | The Mainstream formerly known as CIO News Youtube | The Mainstream formerly known as CIO News Twitter |The Mainstream formerly known as CIO News Whatsapp Channel | The Mainstream formerly known as CIO News Instagram
About us:
The Mainstream formerly known as CIO News is a premier platform dedicated to delivering latest news, updates, and insights from the tech industry. With its strong foundation of intellectual property and thought leadership, the platform is well-positioned to stay ahead of the curve and lead conversations about how technology shapes our world. From its early days as CIO News to its rebranding as The Mainstream on November 28, 2024, it has been expanding its global reach, targeting key markets in the Middle East & Africa, ASEAN, the USA, and the UK. The Mainstream is a vision to put technology at the center of every conversation, inspiring professionals and organizations to embrace the future of tech.
