“It is all heartbreaking and devastating in so many ways,” Preuss said. “It’s the combination of how could this happen, how could it be prevented and how do we make sure we can still focus on the critical issues in front of us.”
The FBI is assisting in an investigation of the incident, according to Joy Jiras, a spokeswoman for the agency’s field division in Baltimore. The FBI declined to comment further on the case.
The attack targeted an agency fund within the federation’s endowment, said Preuss, who declined to identify the agency, at its request. As of Wednesday, the federation’s internal investigation had found that other agency funds and donor information remained unscathed.
Federation leadership called the hack “alarming” and “unsettling” in a letter it planned to send to its community Thursday morning.
“We are very sorry this happened and are doing everything we can to recover the funds and to prevent an incident like this from ever happening again,” said a draft of the letter reviewed by The Washington Post.
The North Bethesda, Md.-based nonprofit federation employs 52 people and works with more than 100 organizations — including social services providers, Jewish schools and community centers — locally, nationally and around the world.
Members of the federation first discovered the hack Aug. 4, when its information-technology contractor detected suspicious activity in an employee’s email account. They said authorities believe the hackers first gained access to its system in early summer.
The security breach is part of a new wave of cyberattacks that have proliferated since millions of employees began teleworking earlier this year to prevent the spread of the novel coronavirus. Experts have long warned that remote operations leave companies especially vulnerable to hacks. Over the past five months, that prediction has come to fruition. Malwarebytes, an anti-malware software company, surveyed more than 200 cybersecurity and IT professionals across the United States and found 20 percent had faced a security breach as a result of remote work.
Since discovering the hack at the Jewish Federation, leaders have prohibited its employees from using personal computers and have begun working with a team of legal and cybersecurity experts to continue investigating the theft. They have also scanned all computer servers and brought in experts to perform an audit, according to the letter.
In response to the pandemic, the federation has distributed cash assistance to people struggling to afford rent and worked with local Jewish organizations that have been particularly challenged by the pandemic.
Preuss said he hopes the federation can soon shift focus away from the attack to dedicate its energy to the community it serves.
“I want people to know about this so we can deal with it, but also so we can work on these other matters,” Preuss said.