The FBI and local authorities, with the State Controller's Office (SCO), are investigating the theft of Idaho funds.
SCO says they became aware of an account fraud incident back on February 26. Officials say in January, a criminal (or possibly a group of criminals) posed as vendors used by the state of Idaho.
Authorities say the criminal(s) navigated state procedures and changed the banking information of the vendor. The state paid the vendors, but that money was diverted and stolen.
The State has recovered some of the stolen money, but the total amount of funds diverted is under $550,000. The SCO says they have reached out to all of the affected vendors and is working with the state to work on recovering the money.
The SCO says agency budgets will not be affected because of the theft, and the vendors will be paid in full.
"This fraud reflects a changing environment, both here in Idaho and nationally, where all employees must be vigilant to prevent what is becoming a common occurrence in the government and business world. Bad actors are creating elaborate deceptions designed to target potential vulnerabilities in transactional business processes. Sophisticated scams targeting vendors and business procurement are a national problem. The Wall Street Journal reported in February that business email and account fraud schemes in the United States resulted in a loss of $1.9 billion in 2019. Complaints of these crimes to the FBI increased by 16% in 2019 to a total of 23,775.
Recent changes to state protocols are already aimed at combating these types of crimes. Due to the advancing sophistication of criminal actors, the state is making proactive and ongoing revisions to its operating systems and procedures. This process will continue to add layers of security meant to prevent fraud while maintaining strong customer service standards. However, this event further highlights the need to systemically prioritize fraud awareness consistently both in government and private businesses," The SCO said in a press release.
The SCO actively encourages all local governments and businesses to review their processes to help ensure that they are not similarly attacked.