The article describes a series of financial thefts via business email compromise (BEC) scams, where attackers infiltrate email or accounting systems to alter payment details and divert funds. The attacks have resulted in significant losses, including a missing $625,000 payment and a separate $2.5 million theft from Sri Lankan government entities. The scope of the campaign may be widening, as similar payment irregularities have been reported to other countries.
Incident Response , Government security , Critical Infrastructure Security Sri Lanka investigates missing $625,000 payment amid hacking concerns April 30, 2026 Share By SC Staff (Adobe Stock) Coverage from TechCrunch indicates that Sri Lanka is investigating a missing payment of approximately $625,000 to the U.S. Postal Service, with authorities suspecting a cyberattack. The payment to the U.S. Postal Service went missing several weeks ago, according to Sri Lankan officials. The incident was detected after hackers allegedly attempted to redirect another payment intended for India. Australian officials are also reportedly aware of irregularities in payments owed to their country, suggesting the scope of these financial thefts may be wider than initially believed. This follows a separate incident where hackers allegedly stole $2.5 million from Sri Lanka's finance ministry. Treasury Secretary Harshana Suriyapperuma stated that hackers diverted funds from the postal authority to other bank accounts. These attacks appear to be business email compromise (BEC) scams, a common tactic where cybercriminals infiltrate email or accounting systems to alter payment details. BEC attacks are highly profitable for cybercriminals, with the FBI reporting billions of dollars in losses globally last year alone. The successive security breaches add pressure on the Sri Lankan government, which is still recovering from a severe economic crisis and debt default in 2022. It remains unclear if the two thefts are connected, and an investigation is underway to determine any links. Source: TechCrunch SC Staff Related Incident Response Itron discloses cyberattack after unauthorized third party accessed internal systems SC Staff April 28, 2026 Itron, a Washington-based public company serving 7,700 customers in 100 countries with products for energy and water resource management, discovered the breach on April 13, 2026. Ransomware Adaptavist Group investigates security breach amidst ransomware claims SC Staff April 22, 2026 The breach was detected in late March when an attacker exploited compromised login details. SOC Your SOC, not the vendor’s: Why the AI SOC has to be customizable, not a black box Paul Wagenseil April 20, 2026 Only organizations that invest in customizable, agentic AI SOCs will turn AI into a strategic advantage. Get daily email updates SC Media's daily must-read of the most current and pressing daily news Business Email By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy . Subscribe Related Terms Boot Record Infector Computer Emergency Response Team (CERT) Stimulus You can skip this ad in 5 seconds