One yr in the past, in February 2021, an funding supervisor on the pension acquired an e-mail from a former worker’s e-mail account with directions for a wire switch. The funding supervisor made the switch, not realizing that the e-mail account had been hacked by a cybercriminal. The story of the hack was lastly launched to the general public final week in Quincy newspaper The Patriot Ledger.
It took months for the Quincy Retirement Board to search out out concerning the assault, and it didn’t report the problem to the state’s Public Worker Retirement Administration Fee till October 2021. The retirement board has now been positioned underneath investigation by the Fee, and the board might not make any new investments till the investigation is over. This course of will doubtless take months.
Members of the pension fund can relaxation assured that the assault is just not anticipated to affect their advantages, since it’s a comparatively small share of the fund’s complete property. The pension had a market worth of greater than $370 million in 2019, the newest accessible knowledge.
There have been a number of notable cyberattacks on pensions this previous yr, together with on the Missouri instructor’s pension, which was additionally the sufferer of a hacked e-mail handle.
Consultants like Alan Brill, director of cyber threat at Kroll, have mentioned that the greatest method a pension can shield itself is by pre-emptively instituting protocols and getting ready for a hack. He additionally really useful that pensions implement some kind of 24/7 monitoring system.