Ryanair, a low-cost Irish airline, confirmed on Tuesday that a computer criminal scam stole €4.6 million ($5 million) from its bank accounts.
In a statement, the airline explained that it is currently investigating a scam that involved a “fraudulent electronic transfer via a Chinese bank last week.”
Ryanair added that it is working with its banks and the relevant authorities as they continue their investigation. In the meantime, the airline “understands that the funds (less than €4.5m) have now been frozen.”
Ryanair expects the stolen funds to ultimately be repaid. It also stated that it “has taken steps to ensure that this type of transfer cannot recur,” though the airline has not gone into any detail concerning these measures.
The fraudulent transfer was first uncovered on Friday of last week. Shortly after the initial discovery, the Criminal Assets Bureau (CAB), a law enforcement agency based in Ireland whose mission is to locate assets stolen in serious instances of rime, was asked to find the funds with the help of its Asian counterparts.
The CAB is part of the Camden Assets Recovery Interagency Network (CARIN), which aims to improve informal cross-border and interagency co-operation within the European Union and elsewhere.
CARIN’s Asia-Pacific counterpart is the Asset Recovery Interagency Network Asia Pacific, which is based in Korea.
At this time, it is unclear how the scam was perpetrated and who orchestrated the attack.
According to authorities, the funds appear to have been stolen from bank accounts that Ryanair uses to purchase fuel for its 400-plus Boeing 737-800 aircraft.
The airline is not the only Irish public company to be affected by a high-profile security incident in the past year. In July of 2014, Paddy Power confirmed that it had been hit by a data breach that resulted in the theft of 649,000 customers’ personal information, including names, addresses and dates of birth.