Grass Valley CA Pwned … Data Stolen

January 11, 2022

www.itnerd.blog »

An investigation into a data breach attack of Grass Valley, California, has discovered city employee and citizen information was exposed. The breach, which occurred between April 13^th and July 1^st, 2021, resulted in an attacker transferring files outside of the network, including financial and personal info of “individuals associated with Grass Valley”.

I have some commentary from Saryu Nayyar, CEO and Founder of Gurucul on this attack:

“The ability to understand users, access and entitlements are essential in determining anomalous behaviors for determining whether access to and transmissions of sensitive data is actually the work of a malicious threat actor. Moving from traditional SIEMs and XDR tools to a next generation SIEM with XDR capabilities is critical as the initial activity, before data theft occurs, can be prioritized as a high-risk event based on a baseline of what is normal as well as monitoring for deviations that are indicative of an attack campaign, especially with adaptable Machine Learning (ML) models.”

It’s pretty clear that prevention and detection are the best ways to avoid being the next Grass Valley. Thus hopefully organizations of all sizes take note of this incident and plan their defences accordingly.

UPDATE: Elizabeth Wharton who is the VP Operations of SCYTHE

Municipalities struggle to identify and respond to data breaches, as I’ve experienced first-hand in the past. They suffer significantly from the cybersecurity skills gap, often with limited budgets. The cybersecurity industry needs to give them tools that help their teams gain experience with real-world threats so that they can continuously validate their processes and technologies, but it needs to provide them at a price-point that makes sense.

External Link: Grass Valley CA Pwned… Data Stolen

Share this page:

Grass Valley CA Pwned… Data Stolen

Related Posts