The heist is believed to have been carried out by a North Korean state-backed hacking group.
Cybercriminals allegedly exploited the bank's security vulnerabilities to first steal $81 million by targeting the bank's connections with the Society for Worldwide Interbank Financial Telecommunication (SWIFT) system, transferring the stolen funds to accounts in the Philippines and Sri Lanka.
The hackers transferred the money to Rizal Commercial Banking Corporation in the Philippines via four different transfer requests.
An additional $20 million was sent to Pan Asia Banking in a single request.
The Bangladesh Bank managed to halt $850 million in other attempted transactions.
The $81 million was deposited into four accounts at a Rizal branch in Manila on Feb. 4, 2016. These accounts had all been opened a year earlier, but had been inactive with just $500 sitting in them until the stolen funds arrived in February 2016, according to Reuters.
A probe panel formed by the Bangladesh Bank, headed by former governor Mohammed Farashuddin, submitted its report to the finance ministry in May 2017. But the nation’s Finance Minister did not release the committee’s findings “despite repeated pledges to do so.”
About $15 million of the stolen reserves that made it to Manila-based Rizal Commercial Banking Corp were returned to Bangladesh, but the remainder of the money has not been found.