San Diego State University is racing to claw back millions after discovering that nearly $5.9 million wired last fall ended up in what federal investigators now call a fraudulent bank account. Federal documents say agents seized the account and recovered about $5.48 million, and university officials maintain that no protected student or personnel records were involved.
According to reporting by CBS8, SDSU wired $5.9 million on Sept. 29, 2025, into a Citibank account in the name of Renstev, LLC, and first realized something was wrong in October 2025. Federal records cited in that report describe the Citibank account as a decoy set up as part of the scheme, and say agents later seized it and recovered roughly $5.48 million. In a public statement, the university stressed that the incident did not involve sensitive student or employee data and said law enforcement is still investigating.
How investigators say the scheme worked
Federal guidance from the FBI’s Internet Crime Complaint Center describes a playbook that will sound depressingly familiar to fraud investigators. Scammers often pose as bank support staff, spin up convincing phishing sites, and rely on search-engine-poisoned ads to trick people into handing over credentials. Once they get access, they move money quickly through a series of accounts and cryptocurrency channels to make it harder to trace and recover.
As the advisory from IC3 explains, speed is everything after a suspected account takeover. Contacting the originating bank immediately and filing a complaint with IC3 are key steps, since the window to freeze or claw back funds can close in a matter of hours. The bulletin lays out specific actions that organizations and individuals should take as soon as they suspect fraud, with the goal of giving investigators the best shot at recovery.
Legal and financial fallout
Cases like SDSU’s also feed into a simmering legal debate over who eats the loss when criminals trick legitimate account holders into approving a wire transfer. An analysis from American Banker notes that courts and regulators are increasingly testing whether banks should reimburse victims under the Electronic Fund Transfer Act, and that judges have allowed some wire-fraud claims against banks to move forward. That evolving legal landscape raises the stakes for big institutional payors, including universities, to tighten verification processes and dual-authorization controls on large transfers.
Why it matters locally
San Diego State is a major public university with a growing fundraising footprint. In the 2024–25 fiscal year, donors contributed about $142.2 million, and the school’s endowment topped $500 million, according to SDSU. While the reported recovery of most of the wired funds eases the immediate hit to students and campus programs, any successful theft of university money can strain reserves or redirect dollars originally intended for scholarships, academic initiatives, or student services.
University officials say there was no compromise of sensitive student or personnel records, and that internal processes are under review to reduce the risk of future fraud attempts. For now, SDSU leaders say they are working closely with federal investigators and pressing ahead with recovery efforts, and law enforcement has indicated that the probe is ongoing, according to CBS8. Further details will depend on what agents uncover, and what federal authorities are willing to release.
