Wireless networking firm Ubiquiti Networks has been defrauded to the tune of nearly $47 million after staff were seemingly tricked into transferring the money to a third party account.
The firm revealed the costly scam in an SEC filing, claiming that it first discovered the incident back in June.
It explained:
“The incident involved employee impersonation and fraudulent requests from an outside entity targeting the Company’s finance department. This fraud resulted in transfers of funds aggregating $46.7 million held by a Company subsidiary incorporated in Hong Kong to other overseas accounts held by third parties. As soon as the Company became aware of this fraudulent activity it initiated contact with its Hong Kong subsidiary’s bank and promptly initiated legal proceedings in various foreign jurisdictions.”
As a result of this action, Ubiquiti has already managed to reclaim $8.1m and is expecting to be able to get back a further $6.8m.
A “multi-agency criminal investigation” is underway to recover the remaining $31.8m, involving the US Feds and overseas law enforcers.
Ubiquiti claimed in the filing that it might not be able to make any insurance claims related to the incident.
It added:
“The Company currently believes this is an isolated event and does not believe its technology systems have been compromised or that Company data has been exposed. While this matter will result in some additional near-term expenses, the Company does not expect this incident to have a material impact on its business or its ability to fund the anticipated working capital, capital expenditures and other liquidity requirements of its ongoing operations.”
Ubiquiti said that there was no attempt made to access sensitive corporate information, and no employees were culpable.
However, it admitted its “internal control over financial reporting” was found wanting because of “one or more material weaknesses.”
As of last week the firm parted company with its Chief Accounting Officer, Rohit Chakravarthy.
The multi-million dollar fraud brings to mind a similar case which came to light in June.
In that instance, hackers broke into the email account of the then-CEO of magazine publisher Bonnier Group and sent instructions to an employee to transfer two large sums of money to a Chinese bank.
One $1.5m payment went through before the alarm was raised, but the bank in question is said to have been uncooperative in helping the organization get its money back.