Sequoia Capital Discloses Data Breach – Expert Insights

By   ISBuzz Team
Writer , Information Security Buzz | Feb 26, 2021 02:51 am PST

The VC firm Sequoia Capital disclosed an email data breach in a DOJ notice of breach sent to affected individuals. Excerpt:

“On or about January 20, 2021, we learned that an unauthorized third party had gained remote access to the business email mailbox of one Sequoia employee, with the apparent aim of conducting a wired version scam,” Sequoia Capital explained in a notice of data breach sent to affected individuals.”  A Gurucul expert offers commentary.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Saryu Nayyar
Saryu Nayyar , CEO
February 26, 2021 10:57 am

<p>The Sequoia Capital data breach announcement is short on detail, beyond it being an employee\’s email account being breached and the attacker failing in their scam.  However, it\’s likely the individual victim was the target of a phishing attack of some sort which led to credential theft.</p> <p> </p> <p>Incidents like this can be difficult to catch if the attacker is careful, but it appears Sequoia Capitol\’s security stack and process were up to the task. Ultimately, organizations should all be able to blunt these attacks through a combination of user education to reduce the risk of initial compromise, backed by a well-equipped and well-trained Security Operations team to deal with the attackers that make it inside.  It\’s a matter of deploying the right training and tools to get it done.</p>

Last edited 2 years ago by Saryu Nayyar

Recent Posts

Would love your thoughts, please comment.x