Sri Lanka has reported another missing overseas payment only days after officials revealed that hackers stole $2.5 million from the finance ministry. This has raised concerns that the country could be dealing with a wider problem of financial cyber fraud, not just a single incident.
Sri Lanka said on Tuesday that a payment of about $625,000, or around 199.7 million Sri Lankan rupees, meant for the U.S. Postal Service has been missing for several weeks after U.S. officials said the money never arrived.
A second missing payment raises new alarm
The new disclosure is more serious because of how it came to light.
TechCrunch reports that Sri Lankan authorities found the problem after hackers allegedly tried to redirect another payment meant for India. Australian officials also noticed “irregularities” in payments owed to them. This suggests the first breach may have revealed a bigger weakness in how international or institutional payments are managed.
This news comes just days after Sri Lankan officials confirmed the earlier $2.5 million cyber theft.
The Times of India, quoting AFP, said cyber criminals hacked into the finance ministry’s computer system and stole the money.
The government called it the largest cash theft by hackers against a state institution in Sri Lanka. Finance ministry secretary Harshana Suriyapperuma said the money was meant to repay debt to Australia.
Government says investigators are examining the breach
Suriyapperuma told reporters last week that the hackers sent the payment from the country’s postal authority to other bank accounts, instead of the intended recipient.
The Times of India also said that four senior officers at the Public Debt Management Office (PDMO) were suspended after the breach. Suriyapperuma added that criminal investigators are looking into the case and the government cannot share more details yet.
This case is politically sensitive because Sri Lanka is still recovering from its 2022 economic crisis, when the country defaulted on its external debt and went through months of unrest.
These new security problems have put more pressure on the government as it works to restore financial stability. The incident as a major setback for a country still coming out of crisis and relying on an IMF-backed $2.9 billion bailout that started in 2023.
Signs point to business email compromise
Officials have not yet said if the missing payments are connected, but the pattern looks like business email compromise (BEC) attacks. These scams usually involve hackers getting into email inboxes or accounting systems and changing banking details during payment processes.
This is important because BEC attacks do not always need advanced malware; they can work by taking advantage of weak payment controls and poor verification during routine transactions.
It is still not clear if the missing $625,000 U.S. payment, the $2.5 million theft linked to Australia, and the attempted payment diversion to India are all part of the same scheme.
Member of Parliament Nalinda Jayatissa said the government is investigating if the incidents are related.
A cyber breach with wider financial implications
The situation is worrying for Sri Lanka because the losses seem to go beyond just one ministry’s transaction. If several government or institutional payments were affected, this breach could hurt trust in the government’s financial controls at a sensitive time in the country’s recovery.
The amounts lost are important, but the bigger risk is to the country’s reputation. When a government is seen as open to fraud in handling debt repayments and international transfers, the impact can be much greater than just the stolen money.
