The City of Portland Lost $1.4 Million Due to an Email Security Breach

The city of Portland's email account was breached, which led to a fraudulent charge being made with city funds.

Entire cities aren’t even safe from hackers, as the city of Portland has reportedly lost $1.4 million due to a fraudulent charge that started off as an email security breach.

The online world has become a hotbed for nefarious actors and cyber criminals. Everything from ransomware attacks to security breaches have plagued businesses of all shapes and sizes, and the monetary loss from these cyber-attacks has been more than substantial.

Now, it appears Portland is one of the latest victims, as a simple email breach led to a massive fraudulent charge that the city is going to have a hard time recouping.

City of Portland Email Security Breach

Announced in a press release from city officials, a fraudulent charge of $1.4 million was made using city funds in late April. The breach appears to be due to external, unauthorized access to the City of Portland email account, which shows the importance of simple cybersecurity measures in the face of these kinds of threats.

“This incident demonstrates the growing threat of cyberattacks against individuals, businesses, and communities worldwide. At the City of Portland, we have invested in technology and established policies to minimize that threat,” read the statement.

Most of the information about the breach and subsequent fraudulent charge are being held under wraps “to prioritize security and ensure the integrity of the investigation.” The FBI, the US Secret Service, and the Portland Police Bureau have been informed and are conducting an investigation.

How to Protect Yourself Online

While the specific details of this case aren’t available, it’s safe to say a lack of proper cybersecurity measures are to blame. After all, something as simple as an email breach leading to this kind of financial hit further underscores the importance of taking steps to protect yourself and your business from cyber-attacks.

First off, if you’re conducting business anywhere but home or the office, a VPN can do a great job of protecting your activity and keeping hackers at bay. Additionally, securing your email account with a password manager could’ve prevented this hack if it was utilized due to poor password security. Finally, tools like antivirus software can alert you to malicious links and malware on your device, which can stop bad actors in their tracks.

Generally speaking, being careful online is the best way to keep yourself safe. In most cases, cyber-attacks aren’t nearly as sophisticated as they’d like you to believe, and spotting mistakes like spelling errors, errant punctuation, and other obvious tells can be the difference between a secure network and a $1.4 million fraudulent charge.

Did you find this article helpful? Click on one of the following buttons
We're so happy you liked! Get more delivered to your inbox just like it.

We're sorry this article didn't help you today – we welcome feedback, so if there's any way you feel we could improve our content, please email us at

Written by:
Conor is the Lead Writer for For the last six years, he’s covered everything from tech news and product reviews to digital marketing trends and business tech innovations. He's written guest posts for the likes of Forbes, Chase, WeWork, and many others, covering tech trends, business resources, and everything in between. He's also participated in events for SXSW, Tech in Motion, and General Assembly, to name a few. He also cannot pronounce the word "colloquially" correctly. You can email Conor at
Explore More See all news
Back to top
close Thinking about your online privacy? NordVPN is's top-rated VPN service See Deals