White Lake Township, Michigan, plans to bounce back from the hack that forced it to cancel a bond sale with new bond plans to finance construction of a civic center.
In November, according to
"We can report that White Lake Township never received any bond proceeds and therefore no bonds were issued," White Lake Township Police Chief Daniel Keller said
Reached on Wednesday, White Lake Township Treasurer Mike Roman confirmed the township is in the process of issuing bonds.
The township has issued a preliminary official statement for the $29 million limited tax general obligation bond sale.
This time the deal will be sold through negotiation, with Stifel and JPMorgan as lead managers.
The POS sheds more light on the circumstances of the hack.
The township had
According to the
According to the POS, Baird says it has thus far recovered $21.3 million of the $29.064 million purchase price of the Series 2024B bonds, which were canceled.
There is currently no pending litigation, but attorneys for Baird have reserved the right to pursue claims in the future.
"It is possible that the damages claimed could exceed available insurance coverage," according to the POS.
The White Lake Township hack is not the only time hackers have interfered with a bond financing, but it is the only example that has been made public so far, according to Omid Rahmani, public finance cybersecurity lead at Fitch Ratings.
Last month, Rahmani
As the public finance sector grapples with a problem that has swiftly evolved from theoretical to real threat, participants across the market are confronting a need to develop industrywide best practices.
Cyber security was discussed at the recent Government Finance Officers Association conference in Washington, D.C., where the White Lake Township hack came up and it was noted that fraudsters are getting more sophisticated, according to Bond Buyer reporters present.
S&P Global Ratings assigns its AA-plus rating to the township's
Diana Cook, associate director for S&P Global U.S. Public Finance Ratings, told The Bond Buyer the township did have a cyber insurance policy — according to the POS, the policy is from the Michigan Municipal Risk Management Authority — and confirmed that "the bond proceeds from the recently rated Series 2025 bonds will be used to finance the construction of a new public safety headquarters and a new township civic building."
The township engaged Baker Tilly as municipal advisor Dec. 17, according to public documents from that night's township board meeting.
The firm recommended the township change the bond sale method to a negotiated sale; discuss the status of the Series 2024B bond issue legal concerns and what additional disclosure will be needed for the Series 2025 bonds; and address cyber security concerns raised by the rating agency.
"Goal will be to move as quickly as possible to meet desired construction requirements," Baker Tilly noted in the document.
A spokesperson said Baker Tilly has no comment on client matters.
Bendzinski & Co. was municipal advisor for the ultimately canceled competitive deal, according to the IHS Markit bond calendar published in The Bond Buyer in October.
In a Jan. 22 rating report, S&P affirmed its AA-plus rating on the township's GO debt outstanding and noted that the Series 2025 bonds are backed by the township's full faith, credit and resources pledge and an obligation to levy ad valorem property taxes.
S&P also provided more details about the earlier hack, saying it occurred through limited, unauthorized access to a township employee's email account.
The township's insurance policy will cover legal and investigative costs, the rating agency said.
"As the forensic investigation is still ongoing and not all funds have been recovered, we see some potential contingent liability risk associated with the cyber-security attack should other parties involved decide to take legal action," S&P said.
The rating agency added that the hack caused construction cost cash flow issues, and as a result, the township will accelerate planned use of reserves in its capital improvement revolving fund to support project costs until bond proceeds come in.
S&P said it continues to view management as above average due to conservative budgeting practices and the maintenance of a five-year capital improvement plan, as well as newly-enhanced cyber security practices.
"In our view, the cyber-security attack exposed some weaknesses in the township's cyber-security practices relating to password security," S&P said. "However, management's swift response and enhanced cyber-security protocols, coupled with outstanding practices, mitigate future threats."
"We are continuing to monitor the on-going investigation into the cyber-attack and any associated litigation," S&P's Cook said on Wednesday.
