AFP reports:
Austrian aircraft parts maker FACC said Wednesday that it has fired its chief executive of 17 years after cyber criminals stole some 50 million euros ($55.7 million) in a so-called “fake president” scam.
FACC, whose customers include Airbus, Boeing and Rolls-Royce, said that the its supervisory board sacked Walter Stephan with immediate effect after he “severely violated his duties”.
Press reports said that in January a FACC employee wired around 50 million euros, equivalent to almost 10 percent of annual revenues, after receiving emailed instructions from someone posing as Stephan.
Read more on SecurityWeek.
So they fired the CEO…. why, exactly? They don’t seem to say. Reuters reports:
“The supervisory board came to the conclusion that Mr. Walter Stephan has severely violated his duties, in particular in relation to the ‘fake president incident’,” FACC said.
A company spokesman declined to give details of how Stephan had violated his duties. The firm said no comment was available from Stephan.
While it does seem odd to fire a CEO for things of this nature, they are often the highest paid employee and ultimately responsible for every aspect of the business. Seems like the company may have lacked policies on how to deal with such email scams. Clearly not isolated to FACC. Staff need to be better trained to think through these events versus being purely reactive, particularly when handling a presumed funds request from the company’s CEO. Sounds like there was no effort made to validate the request at FACC before the employee – with access to the company bank account – wired the funds.