Norfund, Norway’s state-owned investment fund, was hit by an advanced data breach in which it lost $10m and has had to stop all payments.
Norfund is a private equity company owned by the Norwegian Ministry of Foreign Affairs and was established by the Norwegian Storting in 1997. Norfund is the largest sovereign wealth fund in the world and receives its investment capital from the state budget.
Norfund disclosed the breach on May 13th and reported that it is working with the police and other relevant authorities after the breach, which allowed the attackers to get away with $10m.
The data breach let the fraudsters access information concerning a loan of US$10m from Norfund to a microfinance institution in Cambodia.
According to a Norfund spokesperson, the fraudsters managed to impersonate the borrowing institution by using manipulated data and falsified information and diverted the funds away from the genuine recipient into their own accounts.
The funds were redirected to an account in Mexico under the same name as the Cambodian microfinance institution. The theft actually occurred on March 16 but went undetected until April 30, when the attackers tried to get more money.
PwC was engaged by the fund board to undertake a full review of the company’s security systems and routines.
Tellef Thorleifsson, CEO of Norfund, stated that this incident occurred because their systems and routines are not good enough and that they have taken immediate and serious measures to correct this.
There is no actual information about how this breach occurred or how the attackers managed to manipulate the communication between Norfund and the recipient. However, it is believed that either business email compromise (BEC) or phishing techniques may have been used by the fraudsters to gain entry.