---
title: "Cybersecurity Updates For The Week 27 of 2021 | Phish Protection"
description: "There is not much one can do when threat actors have infiltrated their information assets and robbed them of their identity by stealing their Personally."
image: "https://phishprotection.com/og/blog/cybersecurity-updates-for-the-week-27-of-2021.png"
canonical: "https://phishprotection.com/blog/cybersecurity-updates-for-the-week-27-of-2021/"
---

Quick Answer

There is not much one can do when threat actors have infiltrated their information assets and robbed them of their identity by stealing their Personally Identifiable Information (PII). This is why \_it is crucial to keep oneself abreast of the latest tricks and techniques malicious actors employ to attack users\_. Incorporating robust strategies from each cyber incident you may come across can go a long way in helping you in \[phishing awareness\](/products/phishing-awareness-training/), \_ensuring protection from multiple threat actors\_. The following

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-27-of-2021%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cybersecurity%20Updates%20For%20The%20Week%2027%20of%202021&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-27-of-2021%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-27-of-2021%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-27-of-2021%2F&title=Cybersecurity%20Updates%20For%20The%20Week%2027%20of%202021 "Share on Reddit") [ ](mailto:?subject=Cybersecurity%20Updates%20For%20The%20Week%2027%20of%202021&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-27-of-2021%2F "Share via Email") 

![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2021/07/prevent-spear-phishing-5456.jpg) 

There is not much one can do when threat actors have infiltrated their information assets and robbed them of their identity by stealing their Personally Identifiable Information (PII). This is why _it is crucial to keep oneself abreast of the latest tricks and techniques malicious actors employ to attack users_. Incorporating robust strategies from each cyber incident you may come across can go a long way in helping you in [phishing awareness](/products/phishing-awareness-training/), _ensuring protection from multiple threat actors_. The following weekly phishing headlines have been written to help you with the same.

### DreamHost Leaves Cloud Database Unprotected: 814 M Records Exposed

_Cybersecurity researcher Jeremiah Fowler recently discovered a misconfigured cloud database belonging to US hosting provider DreamHost_. The database was left without a password online and contained **814 million records** (86 GB) of WordPress users. The records in the database dated back to 2018 and included [user information](https://www.infosecurity-magazine.com/news/cloud-database-exposes-800m/) such as full names, usernames, email addresses, WordPress login location URLs, security information, timestamps, host IP addresses, etc.

DreamHost was quick to **secure the database** after being informed, but it remains uncertain how long this database was public before Fowler discovered it. If the threat actors could access this database, then they can send targeted **phishing emails** with fake invoices to these users or launch [man-in-the-middle attacks](https://www.csoonline.com/article/3340117/what-is-a-man-in-the-middle-attack-how-mitm-attacks-work-and-how-to-prevent-them.html). _WordPress users should take measures to protect themselves from phishing_ and view all payment emails with caution.

![Prevent spear phishing](https://media.mailhop.org/phishprotection/images/2021/07/prevent-spear-phishing-5456.jpg) 

### Data Breach At Indian Trading Platform Affects 3.4 M Users

_Technisanct, the Kochi-based (India) cybersecurity startup has recently identified a data breach at an unnamed Indian trading platform_. The PII of **more than 3.4 million customers** was compromised in the breach. This included users’ customer IDs, names, phone numbers, trade login IDs, email addresses, branch IDs, city, nationality, etc.

The CEO of Technisanct, Nandakishore Harikumar, says that _the absence of a cybersecurity regulatory body in India is responsible for preventing breaches even after identification_. Technisanct’s digital risk monitoring tool Integrite was used to [identify this breach](https://ciso.economictimes.indiatimes.com/news/data-breach-in-trading-platform/83829525). Technisanct posted about the breach on 15th June and also informed the CERT. The users of this trading platform now risk being targeted by adversaries, especially if they do not have any [anti-phishing solutions](/).

### Data Breach At Pakistani Streaming Service Patari

Pakistan’s largest music streaming service, _Patari (Patari.pk), left a misconfigured MongoDB database online, and now the adversaries have found it_. The [database contained](https://www.hackread.com/pakistani-music-streaming-site-patari-hacked/) the personal data (names, usernames, email addresses), login credentials (password hashes), Avatar links, and playlists of **more than 257,000 users**.

Cyber adversaries found this database online in May 2021 and informed (blackmailed) Patari about the same. Since the streaming service didn’t respond, _the cyber attackers leaked the database on Russian and English hacker forums_ on 13th June 2021.

All Patari users are advised to change their account passwords immediately and adopt measures to [prevent phishing](/) attacks. Users must lookout for **phishing emails** and change the password for all accounts where they had used the same password.

### Ransomware Hits French Collection (FCUK)

_Renowned clothing brand French Collection (FCUK) underwent a ransomware attack recently_. The notorious ransomware gang REvil is believed to be responsible for this attack where some of FCUK’s internal data was compromised.

The adversaries have the passport and other identification details of employees, including upper-level management. _French Collection confirmed the attack_, calling it an organized **cybersecurity breach** targeting its back-end servers. However, none of the [front-end servers](https://www.theregister.com/2021/06/24/french%5Fconnection%5Fsays%5Ffcuk%5Fas/), payment processing systems, or high-street outlets were affected by the incident.

FCUK was quick to take measures to [protect from phishing](/) attacks and suspended all infected systems immediately. _It also hired external cyber experts to investigate the breach and informed the Information Commissioner’s Office_. The company further clarified that there is no evidence to suggest that any customer data was compromised in the breach.

### Ransomware Hits Grupo Fleury

_Grupo Fleury is a famous Brazilian medical diagnostic company that underwent a ransomware attack recently_. Once again, REvil or Sodinokibi is believed to be responsible for the attack. The **ransomware attack** brought down the systems of the company and disrupted its business operations. On 22nd June 2021, the Grupo Fleury website began displaying an alert informing visitors of the breach and the temporal downtime.

Patients struggled to schedule their clinical exams and lab tests, but Grupo Fleury is adapting **anti-phishing measures** and trying to restore systems as soon as possible. As per sources, the [REvil ransomware operators](https://www.bleepingcomputer.com/news/security/healthcare-giant-grupo-fleury-hit-by-revil-ransomware-attack/) are demanding **$5 million in ransom** for the decryptor and have threatened to leak all stolen files otherwise. The company hasn’t made any more comments, but hundreds of thousands of Brazilians might have their PII and PHI (Personal Healthcare Information) exposed if their files are leaked.

### Cyberattack Targets Wolfe Eye Clinic, Iowa

_The Wolfe Eye Clinic, which has branches across Iowa, recently underwent a ransomware attack_. Consequently, the personal information of **around 500,000 customers** was compromised. The Eye Clinic later revealed that the [adversaries got into its network](https://apnews.com/article/ia-state-wire-iowa-business-hacking-technology-5886dc62016f9fd541f7c8fe9846abf7) on 8th Feb 2021 and locked some of its systems. _The clinic didn’t agree to pay the ransom immediately and launched an investigation instead_.

External cybersecurity experts were hired to restore the systems and ensure [phishing prevention](/). Their findings suggest that some patient data was compromised in the attack. In continuation of their efforts, the Eye Clinic is notifying all affected patients and providing them free [identity theft protection](/products/email-impersonation-protection/) and credit monitoring for a year. Furthermore, the clinic has set up a call center and website to handle all queries regarding the breach.

### Ryuk Ransomware Attacks Liege City Network

[Ransomware attacks](/resources/how-to-deal-with-ransomware-attacks/) on local city networks aren’t uncommon, and the latest victim is Belgium’s third large city, Liege. _A ransomware attack brought down the city municipality’s online services and IT network_ on 22nd June 2021\. Consequently, all appointments for weddings, birth registrations, burial services, and town halls were deferred. The population, civil status, paid to park, and event permit services were down as well.

As per sources, the Ryuk [ransomware gang](https://therecord.media/city-of-liege-belgium-hit-by-ransomware/?web%5Fview=true) is responsible for this attack on Liege, but the city hasn’t commented on the same yet. The adversaries know that city networks operate without enough funds to invest in [phishing attack prevention](/) measures, and therefore the attacks on city networks are increasing.

![Prevent spear phishing](https://media.mailhop.org/phishprotection/images/2021/07/prevent-spear-phishing-5457.jpg) 

### Ragnar Locker Ransomware Attacks Storage Chip Maker ADATA

_The Taiwanese memory and storage chip maker ADATA left 13 of its archived databases publicly available on a cloud-based storage service_ for quite some time. The notorious ransomware gang Ragnar Locker probably accessed these files during this time. Now, the threat actor has posted the downloadable link to **700 GB of ADATA’s archived data** on the MEGA storage service.

The platform suspended Ragnar Locker’s account and brought down the databases soon after. While three of the databases were 300 GB, 117 GB, and 100 GB in size, respectively, their names revealed nothing about the content. Ragnar Locker probably stole files containing ADATA’s non-disclosure agreements, and financial information, among other details. The ADATA archives were up on the MEGA storage service for quite some time, but [once the platform](https://www.bleepingcomputer.com/news/security/adata-suffers-700-gb-data-leak-in-ragnar-locker-ransomware-attack/) was notified, it suspended the malicious account and uploaded files within minutes.

_The MEGA shows zero tolerance to illegal activities_, and hence it was quick to take [phishing protection](/) measures. Ragnar Locker attacked ADATA on 23rd May, and _ADATA chose to restore its systems from backup instead of paying the ransom_. While ADATA’s strategy was a good one to **evade paying a hefty ransom**, it will have lasting effects on all its employees, customers, and stakeholders.

### Protect Your Organization

- [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/)
- [See how Phish Protection blocks threats in real time](/anti-phishing-tools/)

## Topics

[ Announcements ](/tags/announcements/) 

![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Protect your inbox from phishing attacks

Real-time email security with 60-day free trial. No credit card required.

[Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) 

## Related Articles

[  Intermediate 5m  Cybersecurity Updates For The Week 33 of 2022  Aug 22, 2022 ](/blog/cyber-security-news-update-week-33-2022/)[  Intermediate 6m  Cybersecurity Updates For The Week 41 of 2022  Oct 21, 2022 ](/blog/cybersecurity-news-21-oct-2022/)[  Intermediate 5m  Cybersecurity Updates For The Week 1 of 2021  Jan 1, 2021 ](/blog/cybersecurity-updates-for-the-week-1-of-2021/)[  Intermediate 6m  Cybersecurity Updates For The Week 1 of 2022  Jan 7, 2022 ](/blog/cybersecurity-updates-for-the-week-1-of-2022/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cybersecurity Updates For The Week 27 of 2021","description":"There is not much one can do when threat actors have infiltrated their information assets and robbed them of their identity by stealing their Personally.","url":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-27-of-2021/","datePublished":"2021-07-01T07:04:35.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2021-07-01T07:04:35.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-27-of-2021/"},"articleSection":"intermediate","keywords":"Announcements","wordCount":1260,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2021/07/prevent-spear-phishing-5456.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Cybersecurity Updates For The Week 27 of 2021","item":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-27-of-2021/"}]}
```