When criminals swindled One Treasure Island, the San Francisco organization turned to the cops. Getting no help, its director decided to launch her own investigation.
Just before Christmas 2020, hackers began to steal from One Treasure Island, a nonprofit that is redeveloping its namesake island in San Francisco Bay as a haven for low-income and formerly homeless people.
Over the next month, criminals siphoned $650,000 from the community organization. The money was earmarked as a loan to one of its member organizations for affordable housing projects on Treasure Island, a man-made strip of land smaller than a square mile that was built in the 1930s and served as a Navy facility until 1997.
Sherry Williams, One Treasure Island’s executive director, discovered something was wrong on Jan. 27, when she spoke by Zoom with the intended loan recipient, who hadn’t received the first installment as planned.
Ransomware and nation-state hacks dominate public discussions of cybersecurity. The world watched when fuel pipelines shut down after an attack at Colonial Pipeline Co. and when corrupted software spread to companies and government agencies through incidents at SolarWinds Corp. and Microsoft Corp.
One Treasure Island was hit by a relatively low-tech hacking technique: an email-compromise attack. Hackers broke into the email system of the nonprofit’s third-party bookkeeper, then inserted themselves into existing email chains by using similar email addresses to pretend to be people associated with the nonprofit.