Hackers rang up almost $4,800 in long-distance telephone calls via the phone system at the Pendleton Convention Center. But catching the culprits isn’t likely.
Kathy Marshall is an assistant at the convention center, 1601 Westgate, and handles front office duties, including fielding phone calls.
“It started in the beginning of January,” she said. “I was getting these strange, long-distance numbers coming in.”
The caller identification showed New York area codes and came one after another, sometimes as many as 16 or 17 in an hour. Just keeping up with the phone became a chore. Marshall has worked at the convention center 10 years, and never experienced anything like this.
“It got a little on the crazy side,” she said. “I was getting really very frustrated.”
When she picked up, the caller often hung up immediately or punched the key pad. A few times she heard what sounded like someone speaking Spanish in the background, or sitar music.
Marshall said she wrote down the numbers from the calls and the rare name that showed on the caller ID, and on Jan. 7 asked Eastern Oregon Telecom, the phone service provider, to block the numbers. But 30 minutes later, she said, they called from a new number.
But neither Marshall nor anyone else knew something was really amiss until a whopper of a phone bill came at the end of January. City finance director Linda Carter said clerks caught the phone bill because it was so much more than usual. Most of the city’s phone services total about $3,100-$3,200 a month, Carter said, which includes the nine lines at the convention center.
But the January bill for a single long-distance line out of the convention center was $4,716.21. Usually, Carter said, that line runs less than $50.
“It was really obvious something was not happening correctly,” she said. “Obviously we make some long-distance calls, but not this.”
The bad callers may have compromised another line at the convention center and likely began the hacks at the end of 2012. Carter said the city so far is disputing a total of $4,767.44 in phone services. She also said the city expects the February bill to show bogus charges.
The scheme worked like this: Someone called the convention center’s main answering system and punched in numbers to access a line to make long-distance calls. The convention center’s line acted like a bridge to call the Republic of Yemen, Cuba and Saudi Arabia. When Marshall answered the phone, though, she broke the bridge.
Carter said she told city manager Robb Corbett and facilities superintendent Glenn Graham, who oversees the city’s communications systems. He said the city has “locked down” international calls from city phones and provided some departments with codes to allow such calls.
“We believe we have it isolated to where it won’t happen again,” Graham said.
City attorney Nancy Kerns said Pendleton will be on the hook for at least a portion of the bill. Even though the crime amounts to theft of services, no agency regulates long-distance telephone services, she said, nor are there protections against long-distance calling fraud, such as for consumers who are victims of credit card chicanery.
And Pendleton police chief Stuart Roberts said there is little chance of catching the cheats responsible. He said this could have been a scheme simply to use free long distance, or swindlers could have duped people into paying for long-distance calling plans without the buyers knowing they were taking advantage of the city.
But the city lacks the resources to go after this case, Roberts said, and if the wrongdoers were sophisticated enough to hack into the system from thousands of miles away, they probably are pretty good at covering their tracks.
Contact Phil Wright at firstname.lastname@example.org or 541-966-0833.
This story originally appeared in East Oregonian.