On February 7th, 2016, the offices of the Bangladesh Central Bank was mostly empty. Most employees were home for the Chinese New Year holidays and only a few staff remained. However, there was a minor issue. For the past few days, the bank’s finance department’s printer was not working. The printer was designed to alert the staff of any transfer of money from the bank’s accounts. As a result, the staff was not aware of any recent transactions. When the printer was finally fixed and the reports started rolling out, employees were shocked to discover that almost $1 Billion USD has been removed from their accounts.

How could this happen? The computer-security system at the bank was supposed to be unbreakable. A month before the heist, an employee at the bank inadvertently opened an infected email, which installed malware on the bank’s information systems. The hacker then used their access to crash the printer, and sent payment requests from the bank’s New York accounts to phoney accounts all over the world.

The Bangladesh Central Bank keeps it’s money in accounts at the New York Federal Reserve Bank. Once employees at the New York bank received the “payment orders” from Bangledesh, they started processing the transfers. However, in a complete stroke of luck for the Bangladesh Bank, one of the words in the payment order sent from the hackers coincidentally matched up with the name of a unrelated black-listed company in the US. Therefore, the New York bank halted the transfer of the vast majority of the funds.

The hacker had set up fake companies in order to receive the cash. However, they had misspelt the word “Foundation” and instead entered the word “Fandation” in their company name. This raised suspicion and a further $20 Million was blocked.

In the end, the hackers made off with over $80 Million. While the heist could have been a lot larger, it was still the single biggest bank heist, cyber or otherwise, in history. The perpetrators were never found and the money was laundered and became untraceable. Some experts suspect North Korea may be responsible for the heist, but the truth may never be uncovered.

Charles