Utah Association for Intellectual Disabilities said Wednesday a hacker had locked them out of most of their systems and drained their bank accounts. This comes right as the group was gearing up for holiday giving season.
UAID gives Christmas gifts to adults who are intellectually disabled, often don’t have family, and stay in assisted living facilities.
The group only meets once a month and was getting together to plan their holiday strategy for buying and distributing gifts. The group serves around 1,200 – 1,400 people ever holiday season. Although Vice President Laura Henderson said they noticed no new email applications for help had come in since October 22nd.
“As we investigating the email issue, I opened the bank statements and started seeing things that just weren’t right,” said Henderson.
After speaking with their bank the group noticed around $5,000 from multiple accounts had been transferred, or stolen from their accounts. According to records the hackers used a series of apps and services to get the money out.
The transfers started small around October 22nd, but went into the thousands by the 25th.
It wasn’t just the money the hackers messed with. They also took over their PayPal, opened new accounts, and locked them out of their email and website. Even when they tried to change the passwords the hackers regained access a short time later.
Co-Founder Katherine Scott said she devastated because so many rely on their gifts, and often don’t get anything else for Christmas. With email accounts compromised they don’t know who needs services this year.
“That’s one of the things that’s making us real sad this year is we don’t know who needs help,” said Scott.
Doug Lind has been a recipient of gifts for the last six years, and said for many it’s the one thing that brightens up their holidays. He couldn’t believe the news.
“You have to be really low to do something like that to people who don’t have that much,” said Lind.
The groups is now scrambling for donations of money and clothes for those they serve. Because their email and website has been compromised they are asking everyone to call their new number at 385-887-4145.
View full post on National Cyber Security Ventures