Police on Monday were investigating how the electricity authority (EAC) were apparently conned into paying thousands of euros to a hacker who pretended he was from a foreign company that did maintenance work at the Vasilikos power station.
The story was reported by daily Politis, which said the conman had hacked the maintenance company’s systems and apparently found an invoice issued to the EAC.
The hacker then emailed the EAC and asked them to transfer the amount to a new account, which they did last month.
No figure was made public but it is understood to be around €200,000.
It soon emerged that the new account had nothing to do with the EAC’s supplier who is now demanding payment.
The EAC declined to provide details of the case on Monday other than it concerned maintenance work done at the Vasilikos power station.
“The case is being handled by the police,” spokeswoman Christina Papadopoulou said.
Politis said the EAC is contesting the case, arguing that it was the company’s fault for not securing its clients’ data.
Meanwhile, it has ordered its own investigation into the affair, ordering the accounts department not to make any payments unless the supplier’s identity has been confirmed and an original invoice provided.
Politis reported that a similar incident took place in the past and staff were instructed to follow procedures during payment.