Texas K-12 district loses $2.3 million in email scam

Manor Independent School District, which disclosed the theft last week, says it's following several "strong leads" alongside the FBI and local police.
(Getty Images)

Texas police and the FBI have launched an investigation into an email phishing scam in which $2.3 million was stolen from Manor Independent School District, the district announced Friday.

The scam marks one of the most costly recorded attacks of its type against a K-12 school district. It trumps an incident in 2018 against Crowley ISD near Dallas, Texas, that resulted in the loss of nearly $2 million, while a scam hitting Scott County Schools last April cost that district $3.7 million.

There were three fraudulent transactions made as part of the scam, Manor Police Department Det. Anne Lopez told CNN. Though no other information was provided, the initial description is consistent with a type of scam using phishing emails known as a “business email compromise,” in which a fraudulent actor fools someone with access to an organization’s finances to route payments to a new account under the guise of paying for services under an existing and legitimate contract.

Manor ISD, which is located just outside of Austin, Texas, and serves about 10,000 students, said Friday the investigation remained ongoing, but authorities are following several “strong leads” in the case. District officials could not be reached for comment on Monday.


“Manor ISD appreciates the Manor Police Department working together to communicate this to our community,” the district said in a Facebook post Friday.

Both phishing emails and business email compromise attacks are on the rise. There were about 20 publicly disclosed phishing attacks against K-12 education agencies in 2018, according to the K-12 Cybersecurity Research Center. Business email compromise attacks, according to the data security company Mimecast, can easily slip past email security protections and increased by 269 percent across all sectors in 2018.

This story was corrected after publication to indicate that this was not the most costly business email compromise affecting a school district.

Betsy Foresman

Written by Betsy Foresman

Betsy Foresman was an education reporter for EdScoop from 2018 through early 2021, where she wrote about the virtues and challenges of innovative technology solutions used in higher education and K-12 spaces. Foresman also covered local government IT for StateScoop, on occasion. Foresman graduated from Texas Christian University in 2018 — go Frogs! — with a BA in journalism and psychology. During her senior year, she worked as an intern at the Center for Strategic and International Studies in Washington, D.C., and moved back to the capital after completing her degree because, like Shrek, she feels most at home in the swamp. Foresman previously worked at Scoop News Group as an editorial fellow.

Latest Podcasts