Unknown individuals have made four attempts to illegally transfer US$24 million (UGX81 billion) from the Bank of Uganda to accounts located outside the country.
Officials within the Government of Uganda are believed to have shared passwords with tech-savvy individuals who then logged in to the financial management system and targeted the accounts of the Defence, Energy and Agriculture ministries and the Uganda National Roads Authority (UNRA).
“We have identified potentially suspicious activity relating to Greenshades’ tax portal,” Herrick said, in a statement read Monday at a school board meeting attended by angry and distraught employees.
Herrick said the school district has used Jacksonville, Fla.-based Greenshades to process employees’ W-2 tax forms for more than 10 years. The forms detail earnings and withholdings. The school district also recently used the firm to distribute 1095 tax forms.
The district does not yet know how many employees have been affected. As a precaution, employees’ access to the Greenshades tax portal has been blocked while the district continues its investigation.
“For this particular client (District 113), the credentials that were required were the SSN and DOB,” Kane said, referring to the employee’s social security number and date of birth. “Those credentials were chosen by the client.”
“What happened from our perspective is that we detected IP addresses from (geographic) areas that seemed suspicious, trying to make multiple log-ins, and we shut them down,” Kane said.
The IRS is reporting an increase in fraudulent tax filings nationwide, and Greenshades is likewise seeing a marked increase in reports of fraudulent login attempts to some client GreenEmployee portals. There is no indication that any of the information used in these fraudulent login attempts is a result of a technical breach of the Greenshades network. Instead, it appears criminals with personal information obtained from other sources are attempting to log into some GreenEmployee portals.
Greenshades is taking various steps to help maintain the security of client and employee information. This includes proactively monitoring attempts to access the Greenshades network from suspicious IP addresses and requiring that all clients adhere with Greenshades’ recommended log in settings. In the past, Greenshades has allowed the employer to establish its own credentials for log in.
The Christchurch City Council has admitted placing bugging equipment without consent inside the Bennetts’ property, in an attempt to get a lead on their barking dogs, and has now apologised. The Bennetts – who hold “responsible dog owner” status with the council – have accepted the apology and are waiting to hear from their lawyer about whether to take legal action against the council for the breach of privacy.