---
title: "Cybersecurity Updates For The Week 23 of 2021 | Phish Protection"
description: "Cyberattacks and data breaches have rapidly increased over the past year. Hundreds of thousands of users lose their data to phishing attacks even today."
image: "https://phishprotection.com/og/blog/cybersecurity-updates-for-the-week-23-of-2021.png"
canonical: "https://phishprotection.com/blog/cybersecurity-updates-for-the-week-23-of-2021/"
---

Quick Answer

Defying all \[phishing prevention\](/) measures, a \_Nigerian cybercrime group named Scattered Canary is sharing detailed instructions on committing unemployment identity fraud on the Texas Workforce Commission website\_. The threat actors have formed a WhatsApp group where a 13-page guide to defrauding the \[Texas Workforce Commission\](https://www.infosecurity-magazine.com/news/scattered-canary-targets-texas/?&web\_view=true) has been shared.

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-23-of-2021%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cybersecurity%20Updates%20For%20The%20Week%2023%20of%202021&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-23-of-2021%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-23-of-2021%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-23-of-2021%2F&title=Cybersecurity%20Updates%20For%20The%20Week%2023%20of%202021 "Share on Reddit") [ ](mailto:?subject=Cybersecurity%20Updates%20For%20The%20Week%2023%20of%202021&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-23-of-2021%2F "Share via Email") 

![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2021/06/spear-phishing-prevention-1321.jpg) 

_Cyberattacks and data breaches have rapidly increased over the past year_. Hundreds of thousands of users lose their data to **phishing attacks** even today. Here are the top phishing headlines from the last week to enable an organization to accept and incorporate the best [phishing prevention tips](/content/phishing-prevention/). 

### Scattered Canary Plots Against Texas Unemployment System

Defying all [phishing prevention](/) measures, a _Nigerian cybercrime group named Scattered Canary is sharing detailed instructions on committing unemployment identity fraud on the Texas Workforce Commission website_. The threat actors have formed a WhatsApp group where a 13-page guide to defrauding the [Texas Workforce Commission](https://www.infosecurity-magazine.com/news/scattered-canary-targets-texas/?&web%5Fview=true) has been shared.

The cybersecurity firm Agari, led by former FBI agent Crane Hassold was the first to get access to this document circulated among Scattered Canary members. The document contained everything to know about applying for unemployment benefits and introduced some red flags triggered by erroneous answers.

The Texas Workforce Commission has **lost over $893 million** to fraudulent unemployment benefits in the past, and this Scattered Canary endeavour is definitely not good for the Commission. _The adversaries exploit a Gmail flaw caused by Google’s spam detection system_, which ignored the position of periods in an email address. A [joe.doe@gmail.com](mailto:joe.doe@gmail.com) can be impersonated as a [j.o.e.d.o.e@gmail.com](mailto:j.o.e.d.o.e@gmail.com), and Google will identify both these addresses to be the same person. The hackers use multiple addresses with slight variations from the primary email ID to generate multiple claims without getting detected.

### Canada Post Undergoes Third-Party Breach, 950k Customers Affected

_Over 950,000 customers and 44 clients of Canada Post were recently affected by a **malware attack** on one of its suppliers_. The adversaries could access the email addresses, names, and phone numbers of receiving customers registered between July 2016 to March 2019\. Canada Post’s electronic data interchange (EDI) solution provider, [Crown Corporation](https://globalnews.ca/news/7894760/canada-post-data-breach/?&web%5Fview=true), underwent the breach and is taking [anti-phishing protection](/products/advanced-threat-defense/) measures already.

Canada Post conducted its investigation but found no evidence of the compromise of any financial information. Although Canada Post wasn’t directly responsible for the breach, it regrets the unfortunate incident that affected many of its valued clients and customers.

![Spear phishing prevention](https://media.mailhop.org/phishprotection/images/2021/06/spear-phishing-prevention-1321.jpg) 

### Data Breach Hits Indonesia’s National Health Insurance Scheme

_Indonesia’s national health insurance scheme agency underwent a data breach recently_, which exposed the personally identifiable information (PII) of **over one million citizens**. The attack puts the country in a disadvantageous position as it had enthusiastically incorporated [digital government](https://www.theregister.com/2021/05/24/indonesia%5Fhealth%5Fdata%5Fbreach/?&web%5Fview=true) services into its development model.

The Badan Penyelenggara Jaminan Sosial (BPJS) is an agency that runs the Jaminan Kesehatan Nasional (JKN). Indonesia’s Ministry of Communication and Information Technology found a database on a hacker forum leaked from BPJS and contained details of the national health insurance scheme (JKN). The Indonesian government has launched **anti-phishing measures**, but it did not reveal any further information about the leak or its entry point.

### Sophisticated Cyber Espionage Targeted At The Belgian Interior Ministry

_The Federal Public Service Interior, Belgium, has undergone a sophisticated cyber-attack recently_. Although its communications director, Olivier Maerens, insists that no sensitive data was breached in the incident, an investigation was launched to identify the [point of attack](https://www.securityweek.com/belgium-interior-ministry-targeted-cyber-attack?&web%5Fview=true). Cybersecurity experts revealed that the adversaries had been inside the Belgian Interior’s system since 2019.

_The attackers had no intention of jamming the Interior Ministry website or demanding a ransom_. First uncovered in March 2021, this attack is believed to be aimed at espionage. Robust [phishing attack prevention](/) measures were adopted immediately to _strengthen the server security and prevent the adversaries from infiltrating further_.

### Security Negligence Of App Developers Affects Millions Of Users

Researchers have recently found that several mobile app developers expose users’ data because of unfixed misconfigurations in some of their third-party cloud services. _A total of thirteen apps, downloaded between 10,000 to 10 million times, were found to have left databases containing details of **over 100 million users** unprotected online_, available for anyone on the web to download and misuse. The user details compromised because of this security negligence include email addresses, chats, passwords, photos, location details, etc.

Some of these apps (Screen Recorder, T’Leva, Astro Guru, iFax, etc.) came with unprotected push notification managers along with misconfiguration issues. Such unprotected notifications welcome adversaries to send [fraudulent notifications](https://cyware.com/news/mobile-apps-exposing-personal-data-of-millions-of-users-bebe5774) with malicious content or links to users by impersonating the developer. Misconfigurations of real-time databases are no longer an uncommon phenomenon, but developers should be more careful. Users on their part should adopt the [phishing prevention best practices](/resources/phishing-prevention-best-practices/) to avoid being vulnerable to attacks triggered by such security ignorance of developers.

### Cyber Attack Hits TPG TrustedCloud Service

_Two customers of TPG Telecom were recently affected by a data breach targeting its TrustedCloud service_. The TrustedCloud service operates in a standalone environment, and therefore the chances of this attack impacting the other telecommunications networks and systems of TPG Telecom is unlikely. No other customers were affected by this breach because [the TrustedCloud service](https://www.zdnet.com/article/a-pair-of-tpg-trustedcloud-customers-were-breached/?&web%5Fview=true) has a very limited user base.

Although the other TPG Telecom products, services, and brands are unaffected by this security incident, the company has adopted measures for [protection against phishing](/) to strengthen its cyber defenses.

### Bergen Logistics Leaves Database Unprotected Online

Bergen Logistics is one of the most popular order fulfilment providers in the US, handling the shipment records and personal details of over 460k users. However, _the firm has been exposing the PII of these users via an unprotected database it left publicly available online_. The IT team at Website Planet discovered the unprotected database on an Elasticsearch server recently, which contained enough information about users to make them vulnerable to phishing, extortion, skimming, and a range of other cyberattacks.

The exposed customer details include their full names, addresses, zip, email addresses, passwords, and order numbers. The compromise of [such information](https://www.hackread.com/logistics-giant-leaks-data-lolz-when-alerted/?web%5Fview=true) is definitely not good for customers. But Bergen Logistics also has a lot to lose from this oversight of [phishing protection](/) measures. _The failure to adhere to data privacy laws makes the firm a violator of Section 5 of the FTC Act_, making it liable to a punishable offence or a **fine of up to $100 million**. Further, the self-caused damage to goodwill among existing customers and chance with prospective customers is an added loss to business which will take months, if not years, to recover from. What is surprising is Bergen Logistics’ reaction (one of the company’s representatives had replied with “LOL”) when it was first notified of the data leak on 30th December 2020 and again on 15th January 2021.

![Spear phishing prevention](https://media.mailhop.org/phishprotection/images/2021/06/spear-phishing-prevention-1322.jpg) 

### Hackers Post Details Of 18 Crore Domino’s Order Records

Domino’s Pizza, operated by Jubilant FoodWorks, is a household name in India, but a recent failure of its [anti-phishing solutions](/) has left customers perplexed. It had announced a data breach in its servers back in April 2021 and assured customers that their financial information is safe because the company never stores the financial details of users. However, a recent data dump by adversaries on the dark web has worried all Indian customers who had ever [ordered a pizza](https://ciso.economictimes.indiatimes.com/news/user-info-linked-to-18cr-dominos-orders-leaked/82899181) from the Domino’s app or website.

_The adversaries leaked sensitive information from 18 crore orders_ such as the exact delivery address, the amount spent on the order, the date of placing an order, phone numbers, etc. Cyber adversaries have stolen **13TB of customer details** and employee files from Domino’s India, which they promised to post ‘soon.‘

### Protect Your Organization

- [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/)
- [See how Phish Protection blocks threats in real time](/anti-phishing-tools/)

## Topics

[ Announcements ](/tags/announcements/) 

![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Protect your inbox from phishing attacks

Real-time email security with 60-day free trial. No credit card required.

[Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) 

## Related Articles

[  Intermediate 5m  Cybersecurity Updates For The Week 33 of 2022  Aug 22, 2022 ](/blog/cyber-security-news-update-week-33-2022/)[  Intermediate 6m  Cybersecurity Updates For The Week 41 of 2022  Oct 21, 2022 ](/blog/cybersecurity-news-21-oct-2022/)[  Intermediate 5m  Cybersecurity Updates For The Week 1 of 2021  Jan 1, 2021 ](/blog/cybersecurity-updates-for-the-week-1-of-2021/)[  Intermediate 6m  Cybersecurity Updates For The Week 1 of 2022  Jan 7, 2022 ](/blog/cybersecurity-updates-for-the-week-1-of-2022/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cybersecurity Updates For The Week 23 of 2021","description":"Cyberattacks and data breaches have rapidly increased over the past year. Hundreds of thousands of users lose their data to phishing attacks even today.","url":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-23-of-2021/","datePublished":"2021-06-03T09:57:34.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2021-06-03T09:57:34.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-23-of-2021/"},"articleSection":"intermediate","keywords":"Announcements","wordCount":1230,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2021/06/spear-phishing-prevention-1321.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Cybersecurity Updates For The Week 23 of 2021","item":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-23-of-2021/"}]}
```