Waterloo Brewing admits to having lost $2.1 million in a social engineering attack

• The incident, which the company has described as a ‘social engineering cyberattack’, occurred early this month.
• The scammers behind the attack had impersonated a creditor employee and raised a fraudulent transfer request.

The Kitchener-based beer maker Waterloo Brewing disclosed that it has lost $2.1 million in a recent cyberattack and there are no assurances that the company will recover all or even a portion of the fund.

What happened?

The incident, which the company has described as a ‘social engineering cyberattack’, happened early this month. The scammers behind the attack had impersonated a creditor employee and raised a fraudulent transfer request.

The company was not aware of the incident until this week.

What action has been taken?

After learning of the fraud, it initiated an analysis of all other transaction activity across all of its bank accounts. It also reviewed its internal systems, controls and computer networks.

"At this time, the company does not believe that its systems were breached or that any personal information of its customers is at risk," the company said in a statement, newsprint reported.

As a part of the precautionary measure, Waterloo Brewing has contacted local police, the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) and the United States' Finance Crimes and Enforcement Network (FinCEN) to investigate the matter.

What actions are being taken?

The company plans to conduct an independent investigation of the company’s systems. It is also working with its auditors and bank to ensure all appropriate steps have been taken to mitigate future attacks.