Just before Christmas 2020, hackers began to steal from One Treasure Island, a nonprofit that is redeveloping its namesake island in San Francisco Bay as a haven for low-income and formerly homeless people.
Over the next month, criminals siphoned $650,000 from the community organization. The money was earmarked as a loan to one of its member organizations for affordable housing projects on Treasure Island, a man-made strip of land smaller than a square mile that was built in the 1930s and served as a Navy facility until 1997.
Sherry Williams, One Treasure Island’s executive director, discovered something was wrong on Jan. 27, when she spoke by Zoom with the intended loan recipient, who hadn’t received the first installment as planned.
“It was absolutely devastating,” said Ms. Williams, who said she filed reports with the Federal Bureau of Investigation and other organizations immediately after learning about the theft.
Ransomware and nation-state hacks dominate public discussions of cybersecurity. The world watched when fuel pipelines shut down after an attack at Colonial Pipeline Co. and when corrupted software spread to companies and government agencies through incidents at SolarWinds Corp. and Microsoft Corp.