US Returns $150m to Sony After Employee BEC Attack

The US government has handed back over $150m to Sony that one of its employees allegedly embezzled.

It filed a civil forfeiture complaint in the Southern District of California to protect Sony’s interest in the funds allegedly stolen by Rei Ishii, an employee of Sony Life Insurance Company.

Although Sony had a double authentication process set up for international money transfers, requiring both Ishii and his supervisor to sign them off, the former is said to have instructed the company’s bank to change the contact email address for his boss.

That enabled him to initiate and sign-off money transfers to an account under his control totaling $154m, which he later converted into Bitcoin, according to court documents.

Ishii is even said to have emailed several executives, including his supervisor with a ransom note claiming that the money would be returned if they paid a fee. The end goal appears to have been to dissuade them from filing criminal charges.

However, the FBI – working alongside the National Police Agency, the Tokyo Metropolitan Police Department, Tokyo District Public Prosecutors Office, and the Japan Prosecutors Unit on Emerging Crimes (JPEC) – obtained the private key to this Bitcoin address.

“The FBI was able to recover these stolen funds for two very important reasons. First, Sony and Citibank immediately contacted and cooperated with law enforcement as soon as the theft was detected, and the FBI worked in partnership with both to locate the funds,” explained FBI special agent in charge, Suzanne Turner.

“Second, the FBI’s footprint internationally through our Legal Attaché offices and the pre-existing relationships we have established in foreign countries – in this instance with Japan – enabled law enforcement to coordinate and identify the subject. The FBI’s technical expertise was able to trace the money to the subject’s crypto wallet and seize those funds.”

Ishii has been charged in Japan.

What’s Hot on Infosecurity Magazine?