Madison County hit with second scam
Madison County was hit with a data breach for the second time this year last week, with the latest incident resulting in the private personal information of county employees and elected officials potentially being compromised.
County Administrator Greg Higginbotham said the county was informed last week of the potential breach and immediately notified law enforcement and their IT department. He said the county was “still on a fact-finding mission” and that more details would be released on Monday during the meeting of the Board of Supervisors.
“The cost to the county will be minimal, if any,” Higginbotham said. “There have not been any confirmed instances of anybody’s personal information being used nefariously and there has been no involvement of county funds.”
Higginbotham wouldn’t say what data breach occurred or how many employees’ information may be compromised.
Last Thursday, Higginbotham sent out an email to county employees with the subject “Fraudulent Email Alert” warning employees to delete emails purporting to be from Loretta Phillips, the county’s HR director.
This week, Higginbotham has set up meetings with employees to ask questions and learn more about the incident.
In March, the county comptroller fell victim to a sophisticated social engineering scam that resulted in over $2.7 million of State Aid bond monies allocated for Reunion Parkway being sent to a fraudster.
The board was first alerted to the scheme on March 19, when it was discovered that $2,741,243.69 was paid to someone claiming to be the president of Hemphill Construction.
Comptroller Na’Son White sent electronic ACH payments to someone claiming to be Jay Hemphill, the CEO of Hemphill Construction Co., the contractor currently working on the Reunion Parkway project, according to the Sheriff’s Office incident report.
Since then, the county has increased its cyber insurance, which was only at $100,000, and invested tens of thousands in training and an outside auditor.