Newsletter Signup

Burlington Post Column: Updating Residents After City was Targeted by Criminal Fraud

STOCK_Mayor Office_Interior

The following column was submitted to the Burlington Post and appears online and will appear in its Thursday, Sept. 26 print edition.

Many of you may be asking what has happened since the City of Burlington was targeted by criminal fraud of $503,000 this past May.

In order to provide transparency and accountability to residents, I asked our staff to provide a public update at the Sept. 11 Audit committee on what we’ve learned and how we’re protecting ourselves. The public report is available online (

We learned that a single transaction was made to a falsified bank account as a result of a complex phishing email to City staff requesting to change banking information for an established City vendor.

Upon learning of the fraudulent payment, the City immediately contacted our financial institution and the Halton Regional Police Service (HRPS). A criminal investigation is underway, and as soon as we can share more about that, I will.

The city also immediately started an internal investigation, which confirmed that our IT system was not compromised, no employees were involved in perpetrating the fraud, and no personal information was stolen or shared. Further, the city made immediate changes to our internal protocols to prevent this in future.

I’m confident we know what happened and have made the necessary changes to protect the city. Our goal is to recover the funds and work with police to hold those who did this accountable, so they can’t target anyone else.

We know cyber fraud is a growing area of risk for municipalities, and there have been recent reports of other cities across the country falling victim to a similar scheme that ensnared Burlington. I will be raising this matter with my fellow mayors at the Large Urban Mayors Caucus of Ontario when we meet in November, so we can share our experiences and expertise to protect all our citizens.

Cyber fraud is also a growing area of risk for organizations and individuals. One way you can protect yourself is to never share financial information online. If you get an email asking for password changes, seeking banking or other financial information, even from an agent you may do business with, call first. I also recommend visiting the HRPS website for some tips for fraud prevention and protection against cybercrime (

Burlington Mayor Marianne Meed Ward can be reached at


Receive new post notifications by email

2 thoughts on “Burlington Post Column: Updating Residents After City was Targeted by Criminal Fraud”

  1. The issue here wasn’t the financial info of the City being shared. It seems more like a fraudster posed as a valid vendor and asked for the next payment to be sent to a new beneficiary banking info. The way to minimize the risk in these circumstances is to Google for the contact info for the “new” beneficiary bank and call the bank to confirm that the beneficiary on the new bank information matches that of your vendor who requested the change. Also contact a verified, known individual of the vendor by phone, not email, and ask for their accounting department, who you ask to confirm their banking info. But definitely contact the new bank.

  2. This is a good learning experience. Every level of Government, Corporation; sole propietorship and household should investigate and understand the reality that they can be a victim of Cyber Crime. No one is immune. The risk to everyone is there and it is one of the fastest growing crimes in the world. I heartily recommend that everyone review their current insurance policies to see if they have the proper coverage and limits needed to protect themselves and their business operations. It would be well worthwhile and alleviate a lot of worry, pain and financial loss.

What's your take?

Here are guidelines before you comment, and our expectations before we will post:

  • Be civil. Would you speak this way to a good friend? If not, rewrite.
  • Focus on the issues. Build your argument and make your case in support of your opinion from facts, research or other sources. That way we can all learn. “I disagree with so-and-so because…” is fine; “So-and-so is naïve/stupid  for thinking the way he/she does and here’s why…” is not acceptable.
  • Don’t make personal attacks. Don’t assume motives of those you disagree with, make unfounded allegations, spread rumours, or engage in any other behaviours that would discourage you from participating if someone said this to, or about, you. The Golden Rule applies: Do unto others as you would have done to you. We will edit or not post comments with this type of content.
  • Say it once: When comments from the same individual or individuals become repetitive, going over ground already stated, we reserve the right to close commenting.
  • Use your full, and real, name. If wish to make a comment in public, we expect you will publicly stand behind it with your name. If you don’t want to publicly reveal your name, that’s fine; you are always welcome to share your thoughts with me privately via my email below. I welcome and consider all feedback in making decisions for the community.
  • Have fun, consider and learn. Share your views and read those of others. May we all benefit from a healthy exchange of ideas, and learn a little more about the people in our community, what you think, and what’s important to each of you. You may end up changing your mind about an issue; even if you don’t, we hope everyone will gain a greater understanding of why people have different perspectives.

Newsletter Sign Up

Phone: 905-335-7607

Constituent Assistant: Hannelie van Niekerk
905-335-7600, ext. 7689