Eden Prairie police are trying to track down the person or persons who stole $1 million from the Margaret A. Cargill Foundation by intercepting money to one of its grant winners.

Minnesota's largest philanthropy, which is based in Eden Prairie and named after an heiress to the Cargill corporate fortune, reported the alleged fraud to police last month, according to a search warrant filed last week in Hennepin County District Court.

It's part of a general rise in cyberattacks on nonprofits and foundations, technology experts say.

"They are an increasing target," said Joel Barker, president of Brave North Technology in Minneapolis, which provides IT services to nonprofits, foundations and small businesses. "They are transmitting a lot of dollars, and bad actors know that they're doing that."

Officials with the Margaret A. Cargill Foundation, one of two foundations under Margaret A. Cargill Philanthropies (MACP), told Eden Prairie police that they had awarded a $2 million grant to an unnamed Alaska organization that was to be distributed in three payments using an online grants-management system.

The foundation sent the first payment of $1 million to the bank account listed in the online system, but the grantee never got the money, according to the search warrant.

Instead, according to the search warrant, someone gained access to an employee's e-mail and login code for the online system at the Alaska organization and changed the bank account number.

Eden Prairie investigators reviewed bank records and found the money had been diverted to a presumed shell company called "BEATRZ LLC," which transferred $45,090 over the Zelle payment network, wrote more than $929,000 in cashier's checks and used the account on trips to Costco, McDonald's, Starbucks and Panda Express — all in Dallas suburbs.

Eden Prairie police filed the search warrant to get surveillance video and receipts from the Starbucks in Mesquite, Texas, after someone made a $10.39 purchase there last month.

So far, no arrests or charges have been filed in the case.

Margaret A. Cargill Philanthropies had $9 billion in assets as of 2021, ranking it among the largest philanthropic organizations in the United States. Its two foundations, the Margaret A. Cargill Foundation and Anne Ray Foundation, award more than 100 grants a year, giving on average about $2 million to each grantee.

MACP President Heather Kukla said in a statement that the foundation's grantmaking operations are safely continuing without interruption.

"As cybercrime becomes more sophisticated, we continue to invest in secure platforms and processes at Margaret A. Cargill Philanthropies to ensure we protect charitable assets and support our grantee partners," she said. "MACP has confidence in our grantmaking systems, and we have no reason to believe those systems are compromised."

Increasing cyberthreats

Barker said nonprofits are seeing a rise in cyberattacks in part because corporations have implemented tougher cybersecurity measures, leading criminals to target smaller businesses and charities instead. His clients, which include organizations of all sizes, are reporting threats at least weekly, he added.

In phishing attacks, Barker said, it's unlikely the criminal or criminals will be caught, especially if money is transferred to an international account. Cybersecurity insurance may help organizations recoup losses, but losing money in a cyberattack could be catastrophic for small nonprofits, he said.

"Margaret A. Cargill Philanthropies, they're going to be fine; they can absorb a $1 million loss. Other nonprofits that are transmitting smaller dollars, maybe that would be substantial enough that they wouldn't recover," Barker said.

He recommends that nonprofits develop response plans and train employees on cybersecurity — especially accountants — and ensure that employees use multi-factor authentication. Updated bank account information should be verified over the phone, he added.

He said a purported vendor earlier this year sought to change bank account details with one of his clients, but the client called to verify the information and realized something was amiss before any money changed hands.

With millions of dollars in extra state funding this year going to nonprofits, ranging from homeless shelters to food shelves, nonprofits and foundations are more at risk of criminals trying to exploit the infusion of cash, Barker said.

"I would anticipate there's going to be a significant increase [in cyberattacks] this year given … more and more government dollars coming in," he said. "It means there needs to be a lot more awareness and there's going to be a lot more people trying to take advantage of that."