April 27, 2019

Dear Members of Saint Ambrose:

I hope and pray you, and your loved ones, had a very blessed Easter! There was certainly an amazing energy and Spirit as we celebrated the joy of the Risen Christ in our renewed Church. As I shared on Easter, my prayer is that this holy place will always be our ‘home’ where we can all find the wisdom, strength, light and peace of the Lord. God bless you for your continued support for our parish that allows us to do all the good things we do together for the Lord and our community.

On Wednesday of Holy Week, I received some very difficult news that I need to share with you this weekend at Mass, and by way of this letter. Our Vision 2020 Team has been working hand in hand with Marous Brothers Construction to renew our Church. By all accounts, the project has been going extremely well – both on time and on budget.

On Wednesday, Marous Brothers called inquiring as to why we had not paid our monthly payment on the project for the past two months totaling approximately $1,750,000. This was shocking news to us, as we have been very prompt on our payments every month and have received all the appropriate confirmations from the bank that the wire transfers of money to Marous were executed/confirmed.

I contacted the Brunswick Police, our bank, Marous Brothers, and the Diocese immediately, and the FBI was also brought in. Upon a deeper investigation by the FBI, we found that our email system was hacked and the perpetrators were able to deceive us into believing Marous Brothers had changed their bank and wiring instructions. The result is that our payments were sent to a fraudulent bank account and the money was then swept out by the perpetrators before anyone knew what had happened.

Needless to say, this was very distressing information. We are now working closely with the Diocese, legal counsel, the insurance program, and the FBI to investigate the situation further and file the appropriate insurance claims.
At the same time, we brought in information technology consultants to review the security and stability of our system, change all passwords, and verify the integrity of our databases and other pertinent information. They have determined the breach was limited to only two email accounts.

The FBI investigation will continue. We are working closely with the Diocese and its insurance program to file a claim in the hopes that Marous Brothers Construction can receive their payment quickly and we can bring this important project for our parish to a positive completion.

Needless to say, I have been sick about the situation and am working as hard as possible to address every aspect of this problem. I am sure you may also have further questions and thus the back side of this letter addresses additional points. As things develop, I will continue to update you.

Please know how very sorry I am that this has occurred in our parish community. If I/we had any idea, any clue, any information that the money was not being sent to the right account, we would have addressed it immediately. I pray that this will not diminish the joy of our renewed Church, or your support for our parish community.

Throughout the Triduum and Easter, I have been praying mightily that the Light will shine through the darkness of this situation and that God will give us the grace and strength to walk forward in faith and hope. Please pray for God’s strength and guidance for all involved in this situation, and that God will provide encouragement and strength to walk our parish forward.

On this Divine Mercy Sunday, may each of us know the mercy and compassion of the Lord. Be assured of my prayers now and always.

Father Bob Stec

How did this happen?

There’s no quick and easy answer to this question, but in short, the perpetrator (unbeknownst to us) gained access to two employee email accounts which were used to deceive the parish and perpetrate the fraud.
To the best of our knowledge, only these two transactions between MBC and SA were involved and impacted.

What can we do to make sure this never happens again?

While we regularly change passwords and make sure our firewalls, etc. are up-to-date, we are reviewing our systems and our strategy to protect our parish and its records. Our parish works with a very qualified information technology consultant who serves many parishes in the Diocese and they have just completed a review of our system and assured us we are using strong firewalls/protection. That said, while we are already proactive in our practices, we are also in the process of engaging another firm who are experts in IT security to do a complete independent review of our system and all our procedures. I can assure you that we are also reviewing our cash disbursement procedures and, at a minimum, will be returning to sending manual checks instead of wire transfers to address our financial obligations.

Were any parish databases breached?

After reviewing our systems, to the best of our knowledge, only the email system was breached/compromised. Our parish database is stored in a secure cloud-based system. This allows for many layers of security/protection of our parish database information.

What about my Automatic Giving Information?

The automated giving program is done through KeyBank. Their systems and storage of information are totally independent of the St. Ambrose systems and thus were not exposed, in any way, as a result of this issue. KeyBank maintains state-of-the-art security and is required to do so contractually by our arrangement with them. As noted above, no personal financial information (credit card/ACH) is stored on the Saint Ambrose computer systems. Your credit card and bank information were not compromised.

Will insurance cover the stolen money?

The Diocese has been working to prepare our insurance claim which was submitted late last week.
We are hopeful that the claim will be successful and allow us to address our financial obligation to Marous Brothers Construction in a timely way. I will certainly keep you updated as to the progress of the processing of the insurance claim.

What happens with the construction project?

We are working with Marous Brothers Construction to complete the project. There are about four more weeks of work to complete the front columns/entry, south entrance, and chapel, along with the punch list.

Some good reminders:

• Hackers are constantly sending spam, phishing, and socially engineered messages asking for money and information. Saint Ambrose will never ask for gift cards, money, or your personal information to be given to us by email or by phone.
• Always check the email addresses of any email you receive to make sure that it is an authentic and recognized email (e.g. all parish email comes from: first initial and full last name @StAmbrose.us). Always check to ensure that the “From” name matches the sender’s email address.
• If you ever have a question, or receive an email that looks questionable from Saint Ambrose, please be quick to call and ask for verification and guidance.

This letter and Q/A are based on the information we have as of April 27, 2019. If you have additional questions, please join us on Wednesday, May 1 at 7 pm in the Mother Teresa Room.