---
title: "Cybersecurity Updates For The Week 17 of 2021 | Phish Protection"
description: "Cybersecurity Updates For The Week 17 of 2021: A phishing attack at an organization can push all associated customers, business partners, and employees."
image: "https://phishprotection.com/og/blog/cybersecurity-updates-for-the-week-17-of-2021.png"
canonical: "https://phishprotection.com/blog/cybersecurity-updates-for-the-week-17-of-2021/"
---

Quick Answer

A \*\*phishing attack\*\* at an organization can push all associated customers, business partners, and employees towards cyber threats that can have long-lasting and life-altering implications. Hence, \_it is the responsibility of business owners to ensure \*\*phishing attack prevention\*\* at all times\_. The following headlines are about the latest cyberattacks that have compromised the personal information of millions:

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-17-of-2021%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cybersecurity%20Updates%20For%20The%20Week%2017%20of%202021&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-17-of-2021%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-17-of-2021%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-17-of-2021%2F&title=Cybersecurity%20Updates%20For%20The%20Week%2017%20of%202021 "Share on Reddit") [ ](mailto:?subject=Cybersecurity%20Updates%20For%20The%20Week%2017%20of%202021&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-17-of-2021%2F "Share via Email") 

![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2021/04/ceo-fraud-7491.jpg) 

A **phishing attack** at an organization can push all associated customers, business partners, and employees towards cyber threats that can have long-lasting and life-altering implications. Hence, _it is the responsibility of business owners to ensure **phishing attack prevention** at all times_. The following headlines are about the latest cyberattacks that have compromised the personal information of millions:

### Cyber Attack Hits Swinburne University Of Technology

_The Swinburne University of Technology in Australia recently discovered one of its databases online_. The database contained event registration information for multiple events from 2013 to the present day. The exposed data included the names, email addresses, phone numbers of approximately **5,200 Swinburne staff** and a hundred Swinburne students, and some 200 external parties and individuals who registered for the events.

As part of its [phishing protection](/) measures, the university has informed the Victorian Education Department, the Office of the Victorian Information Commissioner (OVIC), the Australian Information Commissioner (OAIC), and the Tertiary Education Quality and Standards Agency (TEQSA). Further, it has brought down the web page and is investigating other similar university sites for breaches. The university apologized and [extended support](https://www.zdnet.com/article/swinburne-university-confirms-over-5000-individuals-affected-in-data-breach/?&web%5Fview=true) to those affected by the breach and reached out to the 200 individuals outside Swinburne whose details were compromised.

### Supply Chain Attack Hits Codecov

_A supply chain attack recently hit the code statistics solutions and code testing provider Codecov_. The attackers had been **exploiting a vulnerability** in the Docker image creation process in Codecov’s product Bash Uploader. The attackers compromised the Bash Uploader script on 31st January and added a **credentials harvester** to it. Consequently, the [adversaries intercepted](https://therecord.media/codecov-discloses-2-5-month-long-supply-chain-attack/?web%5Fview=true) all code coverage reports submitted for analysis and extracted user credentials.

Codecov discovered the breach on 1st April and has been taking **anti-phishing measures** since then. It has collaborated with a forensics firm to investigate the breach and is sending out alerts and notifications to customers. The Codecov customers include GoDaddy, P&G, the Washington Post, Atlassian, Tile, Webflow, and Dollar Shave Club. While the Bash Uploader script alone is affected, the impacts can be seen in other products embedded in the script. These include the Codecov Bitrise Step, the Codecov-actions uploader for Github, and the Codecov CircleCl Orb. All Codecov customers who used these tools are advised to take measures to prevent phishing attacks.

![Ceo fraud](https://media.mailhop.org/phishprotection/images/2021/04/ceo-fraud-7491.jpg) 

### Cyberattack Hits the University Of Hertfordshire 

_The University of Hertfordshire recently underwent a cyberattack that brought down its entire IT system_. All cloud-based services, the email system, the Wi-Fi network, and the student portal went down abruptly on 14th April. The students also [complained of disruption](https://www.itsecurityguru.org/2021/04/15/university-of-hertfordshire-hit-by-cyberattack/?web%5Fview=true) in accessing the **Office 365 services** like Teams and services like Zoom and Canvas.

As part of its [anti-phishing protection](/products/advanced-threat-defense/) measures, the university published a post on its website informing everyone of the breach. It ensured students that the _IT team is working hard to restore systems as soon as possible_. The university also notified that all classes stand canceled for 15th April and that pending assignments and late submissions caused thereof will not affect learners’ grades.

### Indian Company Bizongo Leaves 643 GB Data Unprotected Online

_The Indian online packaging giant Bizongo recently left a misconfigured AWS S3 data bucket unprotected online_. Almost anyone on the internet could easily access the vast treasure trove of customer data stored on this Bizongo bucket.

Researchers at Website Planet discovered this breach in December last year and contacted Bizongo immediately. The company took measures for [protection against phishing](/) and secured the data bucket. While the bucket remained public, it exposed **over 2,532,610 files** (643GB of data). The [compromised details](https://www.hackread.com/india-bizongo-supply-chain-exposed-data/?web%5Fview=true) include the names, billing and delivery addresses, phone numbers, tracking ids, and user’s financial information.

### Data Breach At Parkmobile

_Popular North American mobile parking app ParkMobile underwent a cyberattack that exposed the personal information of **21 million customer**_**s**. ParkMobile claims that the adversaries **exploited a vulnerability** in third-party software it uses because of which the [license plate numbers](https://heimdalsecurity.com/blog/parkmobile-breach-data-exposed/?web%5Fview=true), hashed passwords, and other user details have been exposed. The app clarified that basic account information of users, such as their license plate numbers, and optional information such as email addresses, phone numbers, and vehicle nicknames (if provided by users) were leaked in the breach.

The app announced that it takes [phishing prevention](/) very seriously and doesn’t store passwords, social security numbers, driver’s license numbers, or parking and user’s location history. _It uses a one-way password hashing algorithm called bcrypt to protect user passwords_, and it’s only the bcrypt keys that the hackers could access. While there is no immediate risk for users, ParkMobile still advises them to take measures to protect themselves from phishing and change their account passwords.

### Ransomware Hits Albert Heijn’s Key Logistics Supplier

Albert Heijn, the largest supermarket chain in the Netherlands, _recently experienced a shortage of supplies caused by a ransomware attack on its key logistics supplier Bakker Logistiek_. The adversaries reportedly exploited the ProxyLogon vulnerability in Bakker Logistiek’s Microsoft Exchange Server.

_The attack brought down Bakker Logistiek’s IT system_, and it had to resort to pen and paper to fulfill pending orders. With reduced efficiency owing to manual maintenance, food supplies were greatly affected. There was a particular disruption in the delivery of packaged cheese. Albert Heijn [informed customers](https://www.infosecurity-magazine.com/news/food-shortages-dutch-supermarkets/?&web%5Fview=true) of the security incident by posting about it on its website. It ensured them that the logistics service provider (Bakker Logistiek) was adopting the [phishing prevention best practices](/resources/phishing-prevention-best-practices/) to try and restore availability at the earliest. Bakker Logistiek hasn’t disclosed its intentions on paying the ransom; however, _it notified that the systems were gradually being restored and that stocks are getting shipped again_.

![Ceo fraud](https://media.mailhop.org/phishprotection/images/2021/04/ceo-fraud-7492.jpg) 

### Joker Infected Malicious Apps Target Huawei Android Users

Until recently, _ten apps infected with the Joker malware were actively running on the official Android store applications for Huawei users_. Consequently, **over 538,000 Huawei users** downloaded these seemingly harmless apps from the AppGallery that let the adversaries use command and control servers to download configurations and additional components on user devices.

The malicious apps were not discovered because they retained their advertised functionality while subscribing to premium mobile services. The malicious apps requested access to SMS and notifications and intercepted all confirmation codes sent by the subscription service to evade **anti-phishing tools**. The infected apps included the New 2021 Keyboard, Super Keyboard, All-in-One Messenger, Color RollingIcon, Fun Color, Happy Colour, Funney Meme Emoji, BeautyPlus Camera, Camera MX, Photo Video Camera, and Happy Tapping. These apps could subscribe users to a maximum of [five services](https://www.bleepingcomputer.com/news/security/joker-malware-infects-over-500-000-huawei-android-devices/?&web%5Fview=true). While Huawei has removed these apps, all users who have downloaded the app(s) already need to run a manual cleanup for security.

### Protect Your Organization

- [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/)
- [See how Phish Protection blocks threats in real time](/anti-phishing-tools/)

## Topics

[ Announcements ](/tags/announcements/) 

![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Protect your inbox from phishing attacks

Real-time email security with 60-day free trial. No credit card required.

[Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) 

## Related Articles

[  Intermediate 5m  Cybersecurity Updates For The Week 33 of 2022  Aug 22, 2022 ](/blog/cyber-security-news-update-week-33-2022/)[  Intermediate 6m  Cybersecurity Updates For The Week 41 of 2022  Oct 21, 2022 ](/blog/cybersecurity-news-21-oct-2022/)[  Intermediate 5m  Cybersecurity Updates For The Week 1 of 2021  Jan 1, 2021 ](/blog/cybersecurity-updates-for-the-week-1-of-2021/)[  Intermediate 6m  Cybersecurity Updates For The Week 1 of 2022  Jan 7, 2022 ](/blog/cybersecurity-updates-for-the-week-1-of-2022/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cybersecurity Updates For The Week 17 of 2021","description":"Cybersecurity Updates For The Week 17 of 2021: A phishing attack at an organization can push all associated customers, business partners, and employees.","url":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-17-of-2021/","datePublished":"2021-04-20T12:41:15.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2021-04-20T12:41:15.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-17-of-2021/"},"articleSection":"intermediate","keywords":"Announcements","wordCount":1110,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2021/04/ceo-fraud-7491.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Cybersecurity Updates For The Week 17 of 2021","item":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-17-of-2021/"}]}
```