Grass Valley CA Hit by Cyber Attack
Table of Contents
- By David Lukic
- Published: Jan 13, 2022
- Last Updated: Mar 18, 2022
Grass Valley, a city in California, has been hit by a cyber-attack. The attack exfiltrated financial data and personal information pertaining to vendors that do business with the city, employees of the city, dependents of those employees, and even the spouses of city employees.
How was the Attack Revealed?
The city of Grass Valley published a data security incident report stating an anonymous digital attacker illegally accessed the city’s information technology systems across a period of four months in 2021. City representatives state the attacker exploited the city through unauthorized access between mid-April and the start of summer. The attack stole highly sensitive data, yet the city did not reveal the extent of the information plucked from its systems.
Who is Affected by the Attack?
Aside from the parties noted above, the Grass Valley cyber-attack also stole information from individuals whose data was provided to the city’s police department. The attack also tapped into the data pertaining to individuals whose information was given to the city’s Community Development Department in loan application paperwork.
The threat actor accessed information ranging from social security numbers to health insurance information, the names of vendors, and driver’s license numbers. City Grass officials also revealed individuals who provided information to the Grass Valley Police Department and those who applied for a community development loan might have had their passport number, payment card information, financial account information, username, and password credentials stolen.
How Did the Grass Valley Officials Respond to the Attack?
Grass Valley city representatives refuse to state the specific date that the information was stolen yet they were willing to expound on their response to the stolen data. City officials reveal they took steps to secure the information technology network. The city also reached out to law enforcement and launched a formal investigation. Grass Valley is currently receiving assistance form a cyber security specialist to perform digital forensics and mitigate the potential for additional attacks down the line.
The city also conducted an extensive review of the improperly accessed files during the attack. Representatives of the city began notifying victims of the hacking incident last week. The city also issued a public statement to quell fears of a subsequent attack. The city’s statement touched on how it plans to perform an in-depth review of its information technology systems to prevent another data breach from occurring down the line. The statement also highlighted the fact that the city is taking the necessary steps to bolster its digital security protocols.