---
title: "Cybersecurity Updates For The Week 2 of 2022 | Phish Protection"
description: "Cybersecurity Updates For The Week 2 of 2022: The new year means a fresh start for adversaries and us, and they have begun working on new targets. Following."
image: "https://phishprotection.com/og/blog/cybersecurity-updates-for-the-week-2-of-2022.png"
canonical: "https://phishprotection.com/blog/cybersecurity-updates-for-the-week-2-of-2022/"
---

Quick Answer

The new year means a fresh start for adversaries and us, and they have begun working on new targets. Following are this week's top \[phishing news headlines\](/tags/announcements/) to help you stay ahead of scammers and plan your \[anti-phishing protection\](/) measures.

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-2-of-2022%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cybersecurity%20Updates%20For%20The%20Week%202%20of%202022&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-2-of-2022%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-2-of-2022%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-2-of-2022%2F&title=Cybersecurity%20Updates%20For%20The%20Week%202%20of%202022 "Share on Reddit") [ ](mailto:?subject=Cybersecurity%20Updates%20For%20The%20Week%202%20of%202022&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-2-of-2022%2F "Share via Email") 

![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2022/01/spear-phishing-protection-7752.jpg) 

The new year means a fresh start for adversaries and us, and they have begun working on new targets. Following are this week’s top [phishing news headlines](/tags/announcements/) to help you stay ahead of scammers and plan your [anti-phishing protection](/) measures.

### Data Breach Hit Singaporean Department Store OG

_A data breach recently hit the Singaporean department store OG, which compromised customers’ personal data_. In its statement to members, OG specified only the members in the basic or gold tiers have been [affected by the breach](https://www.straitstimes.com/singapore/consumer/personal-data-of-og-department-store-customers-leaked). OG has asked its service provider to **secure the database** to stop the attack vector from spreading, as part of its [phishing prevention measures](/content/phishing-prevention/phishing-attack-prevention/). It is also working with external cybersecurity experts and relevant authorities to investigate the breach and ensure customers’ safety.

_The investigations revealed that the attackers compromised an OG database managed by an external membership portal service provider_. While the notification did not mention how many members were affected by the breach, it does warn them to take necessary measures to protect themselves from **phishing**. The compromised member details include their names, contact numbers, email addresses, DOBs, mailing addresses and genders. Passwords and NRIC numbers may have also been stolen, but nothing substantiates that as of now. Fortunately, no financial details were leaked in the incident.

### Ransomware Hits School Website Services Provider FinalSite

_Popular school website services provider FinalSite was recently hit by a ransomware attack_ that disrupted [access to thousands of schools](https://www.bleepingcomputer.com/news/security/finalsite-ransomware-attack-shuts-down-thousands-of-school-websites/) across the globe. FinalSite is a SaaS provider that provides content management, hosting and website design solutions to K-12 school districts. **Over 8,000 institutions** across 115 countries avail FinalSite’s services, and this attack affected all their websites.

While FinalSite hasn’t announced that it’s a [ransomware attack](/resources/ransomware-attack-why-organizations-pay-ransom/) affecting its systems, it did mention that its Composer content management system was affected. This means that its Groups Manager, Constituent Manager, Groups Manager, Forms Manager, Registration Manager, Athletics Manager, Calendar Manager and Directory Elements may have been affected. FinalSite has not provided any time limit as to when its services will be restored. Consequently, schools are having to write to parents informing them of this indefinite website outage.

FinalSite apologized to all customers for the inconvenience caused and has launched an investigation into the breach. It has also hired third party cyber experts to evaluate the nature of the attack, which compelled it to bring down the websites of **over 5000 school websites** as a [phishing protection](/) measure. 

![Spear phishing protection](https://media.mailhop.org/phishprotection/images/2022/01/spear-phishing-protection-7752.jpg) 

### Cyberattack Hits Saltzer Health

_A cyberattack recently hit Intermountain Healthcare-owned Saltzer Health_. Saltzer Health runs 12 urgent care facilities and clinics in Boise, Meridian, Caldwell, Nampa and Idaho and suspects that the adversaries’ [unauthorized access](https://www.securityweek.com/saltzer-health-informs-patients-personal-information-exposure) of one of its employee accounts might have exposed some patient information. The organization is now informing patients that their personal information may have been compromised because of this breach.

The attackers are believed to have accessed Saltzer’s employee account sometime between 25th May and 1st June 2021\. Investigations into the breach revealed that the email account didn’t contain much personal information. The details that could have been exploited include patients’ names, contact details, state identification numbers, Social Security numbers, driver’s license numbers and financial account details.

The compromised medical information include patients’ medical history, diagnosis, prescription medication information, treatment details, health insurance information and physician information. Saltzer Health claims to have taken necessary measures for [protection against phishing](/) attacks, including _resetting the compromised email account’s password and closely monitoring its network_.

\*\* \*\*

### Cyberattack Hits Element Solutions

_A cyberattack recently hit the Florida-based speciality chemicals organization Element Solutions_. Its products are widely used in manufacturing processes in sectors such as automotive systems, offshore energy, communication infrastructure, electronic circuitry, industrial surface finishing, and consumer packaging. With branches in **over 50 countries** and more than 4,400 employees, Element Solutions had annual revenue of around **$1.85 billion** in 2020.

Soon after [detecting the attack](https://www.securityweek.com/chemicals-company-element-solutions-discloses-cybersecurity-incident), the organization implemented its data recovery protocols and business continuity plan. Element Solutions quickly implemented [anti-phishing measures](/blog/ransomware-hits-reason-why-businesses-need-to-adopt-robust-anti-phishing-measures/) and informed the relevant law enforcement authorities. From the looks of it, the incident looks like a **ransomware attack**, but more information on the same remains to be unfolded.

### Data Breach Hits Fertility Centers of Illinois

A data breach recently hit Fertility Centers of Illinois (FCI), an enterprise running multiple fertility centers across Northern Illinois. Consequently, **around 79,943** of its current and former patients were affected. FCI has [reported the breach](https://www.infosecurity-magazine.com/news/cyberattack-on-fertility-centers/) to the Department of Health and Human Services’ Office for Civil Rights (OCR).

_The attackers could access patients’ protected health information (PHI) and also access employees’ personal details_. As part of its [phishing attack prevention](/) measures, FCI hired external forensic specialists to investigate the breach after suspecting suspicious activity in its network on 1st February 2021\. This move kept attackers away from its electronic medical record system, and hence FCI’s administrative files and folders remain unexposed.

The FCI investigation revealed by 27th August 2021 that the impact remained limited to patient and employee information. The exposed patient information includes their names, passport numbers, social security numbers, payment card details, financial details, treatment information, bills, prescription details, medicare and health insurance details etc. The compromised employee details include their names, identification numbers, occupational-health information, retirement details, sickness certificates, medical benefits, entitlements etc. FCI is now trying to improve its [anti-phishing solutions](/) and implementing stricter **security measures**.

### Large-Scale Data Breach That Hit Broward Health Disclosed

_A large-scale data breach recently hit the Broward Health public health system_, which affected **1,357,879 individuals**. The Florida-based healthcare system has branches in over 30 locations with more than 60,000 admissions every year. Broward Health [first traced the attack](https://www.bleepingcomputer.com/news/security/broward-health-discloses-data-breach-affecting-13-million-people/) on 15th October 2021 and saw an unauthorized third party accessing the hospital’s private patient directory. Finally, Broward had reported the issue to the US Department of Justice and the FBI on 19th October 2021.

As part of its measures for [protection against phishing](/), _Broward Health hired a third-party cybersecurity expert to investigate the breach_. The investigation revealed that patient information such as their names, addresses, DOB, contact numbers, bank details, social security numbers, insurance and medical details etc., were compromised. While the above data has been exposed, there is no evidence proving the misuse of any of this data. Broward Health clarified that the **attack vector** is a third-party medical provider that could access its system. The healthcare system has implemented MFA for all users and notified them of the breach via notifications. It is also providing two years of complimentary [identity theft protection service](/blog/understanding-business-identity-theft-and-what-makes-businesses-vulnerable-to-these-identity-thefts/) to victims through Experian.

![Spear phishing protection](https://media.mailhop.org/phishprotection/images/2022/01/spear-phishing-protection-7753.jpg) 

### Threat Actors Steal 3M Records From FlexBooker

In the latest holiday season, _attackers stole over three million user account details from a popular appointment scheduling service, FlexBooker_. Now the adversaries are offering these [stolen databases for sale](https://www.bleepingcomputer.com/news/security/flexbooker-discloses-data-breach-over-37-million-accounts-impacted/) on threat actor forums. The same attacker group has also claimed responsibility for attacks on rediCASE and Racing.com. These attacks reportedly happened during the [Christmas Holidays](/blog/the-holidays-are-coming-which-means-holiday-phishing-emails-are-coming-too/) and are attributed to a malicious actor group called Uawrongteam.

_Uawrongteam states that the FlexBooker database contains a plethora of customer information_ that ranges from their driver’s license photos to the payment forms and charges. The database’s other significant details (which includes **over 10 million entries**) are their names, phone numbers, email addresses, hashed passwords, and password salts.

As part of its measures for [protection from phishing](/), FlexBooker has sent data breach notifications to all affected customers, informing them of the breach of its Amazon cloud storage system. While attackers could not access any payment card information, _the organization advises users to stay vigilant and look for suspicious activities in their financial accounts_. However, FlexBooker recommended users remain vigilant and review account statements and credit reports for suspicious or fraudulent activity. Have I Been Pwned (HIBP) _records show that **over 3.7 million** people lost their data in this FlexBooker breach_.

### Protect Your Organization

- [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/)
- [See how Phish Protection blocks threats in real time](/anti-phishing-tools/)

## Topics

[ Announcements ](/tags/announcements/) 

![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Protect your inbox from phishing attacks

Real-time email security with 60-day free trial. No credit card required.

[Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) 

## Related Articles

[  Intermediate 5m  Cybersecurity Updates For The Week 33 of 2022  Aug 22, 2022 ](/blog/cyber-security-news-update-week-33-2022/)[  Intermediate 6m  Cybersecurity Updates For The Week 41 of 2022  Oct 21, 2022 ](/blog/cybersecurity-news-21-oct-2022/)[  Intermediate 5m  Cybersecurity Updates For The Week 1 of 2021  Jan 1, 2021 ](/blog/cybersecurity-updates-for-the-week-1-of-2021/)[  Intermediate 6m  Cybersecurity Updates For The Week 1 of 2022  Jan 7, 2022 ](/blog/cybersecurity-updates-for-the-week-1-of-2022/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cybersecurity Updates For The Week 2 of 2022","description":"Cybersecurity Updates For The Week 2 of 2022: The new year means a fresh start for adversaries and us, and they have begun working on new targets. Following.","url":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-2-of-2022/","datePublished":"2022-01-14T14:28:05.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2022-01-14T14:28:05.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-2-of-2022/"},"articleSection":"intermediate","keywords":"Announcements","wordCount":1314,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2022/01/spear-phishing-protection-7752.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Cybersecurity Updates For The Week 2 of 2022","item":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-2-of-2022/"}]}
```