On June 29, 2021 the City of Grass Valley discovered an unknown source had made unauthorized access to our information systems. The perpetrators of this cyber attack informed the City they had obtained data from City systems and threatened to publish the data if the City did not pay ransom. The City took immediate actions to protect its systems and data, contacted local and federal law enforcement, and launched an investigation with the assistance of a professional cybersecurity firm.

This incident had minimal impact on the City’s ability to provide its services, including police, fire, and emergency response. Nearly all City systems remained operational, and any discretionary outages were brief and have now been restored. We are working to complete our investigation as quickly and thoroughly as possible with the assistance of outside experts. As our investigation proceeds, we will continue to look for opportunities to enhance our existing security measures, protect against future avenues of intrusion, and cooperate with federal authorities.

The City of Grass Valley understands the importance of maintaining the integrity and security of the data we hold in our systems, as well as our commitment to notify individuals whose data may have been compromised. Because of this commitment and after weighing the merits of protecting potentially exposed data, coupled with consultation with subject matter experts, the City did choose to pay a ransom to keep the data from being exposed. The amount was covered by insurance. The City is working to identify the potentially compromised data and will give the notice to those whose data was affected as the law requires. This work is ongoing.