Frontline Fabrics says hackers stole about $1.4 million via a vendor-payment scam and is suing its insurer and two banks over the loss.
On December 26, 2025, Pennsylvania-based Frontline Fabrics, Inc. filed a lawsuit in the United States District Court for the Eastern District of Pennsylvania over what it describes as a vendor-payment scheme that allegedly diverted $1,426,476.86 from its accounts. The filing names TD Bank, N.A., Truist Bank, Early Warning Services, LLC (which operates Zelle), Turkish vendor Gulipek Kumas Ve Iplik Ve, Federal Insurance Company (a member of the Chubb Group of Insurance Companies), and unidentified hackers. The case is at an early stage, and no court has made any findings on the allegations.
Frontline, a manufacturer of flame-resistant products based in Bucks County, says the problem surfaced on February 21, 2025, when Gulipek contacted the company asserting that approximately $291,000 in invoices remained unpaid. Because Frontline’s controller, Tiffany Lawler, had recently resigned, employees accessed her archived emails and accounting records to investigate.
By February 25, 2025, Frontline’s management concluded that Lawler had caused multiple payments to be issued in Gulipek’s name but routed them to a different account: a recently opened TD Bank account rather than Gulipek’s historical Turkish bank account. According to the lawsuit, those payments were prompted by email exchanges between Lawler and Frontline’s local contact at Gulipek, Lonnie Braxton, using Braxton’s official Gulipek email address.
The filing states that, in emails recovered from Lawler’s account, Braxton instructed Lawler to update Gulipek’s bank information from a Turkish account to a TD Bank account in the United States. Frontline notes that this instruction matched earlier legitimate communications from Gulipek indicating it was opening a US bank account and would be transitioning to that new account.
On February 25, 2025, Frontline contacted Gulipek, which, according to the document, acknowledged it was opening a US bank account but stated it had not received the payments Lawler had made. Initially, Gulipek reported no detected issues with its systems. The next day, during a meeting with Frontline management on February 26, 2025, Braxton allegedly said his email address had been accessed by a third party, that he had not received Lawler’s responses, and that Gulipek had directed him to change all passwords and added a two-factor identification requirement before he could regain access to its systems.
Frontline’s systems, the lawsuit states, reflect six ACH payments released to the TD Bank account between January 13, 2025, and February 12, 2025. The payments, all made to and for the benefit of “Gulipek Kumas Ve Iplik,” were in the amounts of $184,372.13, $196,322.13, $195,002.70, $350,780.00, $295,484.90, and $204,515.00, totaling $1,426,476.86. Frontline alleges that TD Bank allowed an account to be opened in Gulipek’s name by a person or entity with no legitimate connection to the company, failed to implement reasonable measures to detect or prevent the fraudulent opening and misuse of the account, and then permitted large sums from a single source to be received and quickly withdrawn.
According to the filing, the funds were then transferred out of the TD Bank account to hackers in Haiti using the Zelle network operated by Early Warning Services. The transfers were allegedly flagged as suspicious, but TD Bank and/or Early Warning Services allowed them to go through, and the hackers converted Frontline’s funds into cryptocurrency. Truist, identified as Frontline’s bank, is alleged to have failed to employ commercially reasonable monitoring and fraud controls before allowing the outbound transfers to the TD Bank destination account.
On the insurance side, Frontline says it maintained crime coverage under a policy with Federal Insurance and, on April 1, 2025, formally filed a claim seeking full coverage for the $1,426,476.86 loss. The lawsuit states that Frontline treated the loss as potentially covered as employee and/or client theft, banking premises theft, forgery, computer systems fraud, funds transfer fraud, and social engineering fraud. On November 19, 2025, Federal Insurance allegedly denied all claims.
Frontline is asking the court to declare that its losses are covered under its policy with Federal Insurance and to order payment of the benefits it says are due. It also seeks damages from TD Bank, Truist, Early Warning Services, and Gulipek under negligence and Uniform Commercial Code theories, and from the unidentified hackers for conversion and identity theft. For now, these remain allegations in a newly filed federal case.
For insurance professionals, the case is a reminder that crime and social engineering coverage disputes can sit at the crossroads of banking controls, vendor risk and digital payment rails.
