An investigation into a data breach attack of Grass Valley, California, has discovered city employee and citizen information was exposed. The breach, which occurred between April 13th and July 1st, 2021, resulted in an attacker transferring files outside of the network, including financial and personal info of “individuals associated with Grass Valley”.
I have some commentary from Saryu Nayyar, CEO and Founder of Gurucul on this attack:
It’s pretty clear that prevention and detection are the best ways to avoid being the next Grass Valley. Thus hopefully organizations of all sizes take note of this incident and plan their defences accordingly.
UPDATE: Elizabeth Wharton who is the VP Operations of SCYTHE
Municipalities struggle to identify and respond to data breaches, as I’ve experienced first-hand in the past. They suffer significantly from the cybersecurity skills gap, often with limited budgets. The cybersecurity industry needs to give them tools that help their teams gain experience with real-world threats so that they can continuously validate their processes and technologies, but it needs to provide them at a price-point that makes sense.
External Link: Grass Valley CA Pwned… Data Stolen