Sri Lanka Reports Missing $625,000 Payment to U.S. Postal Service
Sri Lanka says a missing $625,000 payment to the U.S. Postal Service is under investigation after alleged hackers diverted funds, officials announced on Tuesday. The disclosure follows detection of irregular activity when bankers flagged a separate attempted diversion of a payment intended for India.
Sri Lanka Reports Missing $625,000 Payment to U.S. Postal Service
Sri Lanka’s finance ministry confirmed that approximately $625,000 — about 199.7 million Sri Lankan rupees — that was intended for the U.S. Postal Service has not arrived at its destination. Treasury Secretary Harshana Suriyapperuma told reporters that the payment was routed “to other bank accounts, instead of the intended recipient,” prompting the inquiry.
The missing $625,000 payment was identified after banks and payment processors noticed mismatches during routine reconciliation, officials said. Authorities have not yet disclosed the exact payment channels involved, citing the ongoing nature of the probe.
Authorities Flag Attempted Diversion of Payment to India
Officials became aware of the USPS payment after investigators intercepted what they described as a parallel attempt to redirect funds bound for India. That unsuccessful diversion triggered deeper checks across recent outbound transactions, which revealed the missing U.S. payment.
Investigators are examining whether the two incidents share a common vector, including compromised email accounts, altered bank instructions, or falsified invoices. Member of Parliament Nalinda Jayatissa said investigators are working to determine whether the cases are linked but cautioned that the probe remains at an early stage.
Australian Authorities Notified of Possible Irregularities
Sri Lankan authorities have also informed Australian counterparts after reporting irregularities in payments owed to Australia, suggesting the activity could extend beyond a single instance. Officials said they notified foreign partners as part of coordinated efforts to trace funds and freeze suspicious accounts.
The involvement of multiple recipient countries has raised concerns among international banking partners and prompted outreach to correspondent banks to assist in tracking transactions. Financial intelligence units in the affected jurisdictions are expected to exchange alerts and transactional data in the coming days.
Earlier $2.5 Million Theft Spurs Broader Probe
The announcement comes days after a separate incident in which hackers stole about $2.5 million from an account tied to Sri Lanka’s finance ministry, a breach that was disclosed by government officials on April 23, 2026. That event already had triggered heightened scrutiny of state payments and accounting systems.
Authorities say the successive incidents have widened the scope of the investigation and intensified efforts to audit internal controls across ministries and state-owned entities. Officials have signaled potential disciplinary action and a review of payment approval protocols if systemic weaknesses are identified.
Experts Say Business Email Compromise Likely
Cybersecurity analysts consulted by newsrooms describe the pattern as consistent with business email compromise (BEC), a type of fraud in which attackers infiltrate email or accounting systems to change payment instructions. BEC attacks often exploit weak authentication, social engineering, or spear-phishing to insert new bank details into legitimate invoice workflows.
Recent data from international law enforcement shows BEC remains among the most profitable cybercrimes, with single breaches sometimes yielding large transfers to mule accounts. Experts warn that recovery of funds is challenging without rapid cross-border cooperation and robust tracing by correspondent banks.
Financial and Political Pressure on Government Intensifies
The sequence of thefts has amplified pressure on Sri Lanka’s government as the country continues to recover from an economic crisis that led to a sovereign default in 2022. Officials say the incidents threaten public confidence at a sensitive moment when state finances are already under strain.
Parliamentary leaders have urged swift transparency and asked for independent audit support to reassure creditors and international partners. The government has pledged cooperation with foreign law enforcement agencies and said it will strengthen cybersecurity measures across public sector payment systems.
Sri Lanka’s central bank and finance ministry have initiated emergency steps to contain further risk, including temporary holds on high-value outbound transfers and mandatory verification layers for international payments. Financial institutions involved in the flagged transactions are working with regulators to trace beneficiaries, freeze suspect funds, and identify intermediary banks used in the diversions.
Lawmakers and analysts say the outcome of the investigations could influence upcoming budgetary decisions and any negotiated assistance from international lenders. For now, investigators are focused on mapping the full extent of the missing $625,000 payment, tracing any recovered funds, and determining whether criminal networks or insiders were involved.
