---
title: "Cybersecurity Updates For The Week 31 of 2020 | Phish Protection"
description: "Cyberattacks are unavoidable till cyber adversaries continue to exist. Hence ensuring phishing attack prevention is a strenuous task."
image: "https://phishprotection.com/og/blog/cybersecurity-updates-for-the-week-31-of-2020.png"
canonical: "https://phishprotection.com/blog/cybersecurity-updates-for-the-week-31-of-2020/"
---

Quick Answer

The compromised details include the names, physical addresses, email addresses, phone numbers, work histories, dates of birth, height and weight, ethnicity, and physical features (hair color and length, etc.) of its subscribers and aspiring actors. Also, the database included the vehicle ownership information (model, color, year of manufacture, etc.) of users.

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-31-of-2020%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cybersecurity%20Updates%20For%20The%20Week%2031%20of%202020&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-31-of-2020%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-31-of-2020%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-31-of-2020%2F&title=Cybersecurity%20Updates%20For%20The%20Week%2031%20of%202020 "Share on Reddit") [ ](mailto:?subject=Cybersecurity%20Updates%20For%20The%20Week%2031%20of%202020&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-31-of-2020%2F "Share via Email") 

![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2020/07/what-is-spear-phishing-3791.jpg) 

_Cyberattacks are unavoidable till cyber adversaries continue to exist_. Hence ensuring [phishing attack prevention](/) is a strenuous task. However, _awareness about the recent cyber threats can help organizations handle their security concerns better_. With this interest, we bring you the top security news updates from the previous week:

### \*\*\*\* MyCastingFile Leaves Database With 1GB Data Unprotected Online

_US website MyCastingFile that has provided extras for productions like True Detective, Pitch Perfect, and Terminator Genisys was recently found to have left a database unprotected online_. The database contained the details of over [260,000 of its users](https://www.zdnet.com/article/us-actor-casting-company-leaked-private-data-of-over-260000-individuals/?&web%5Fview=true) and employees, _some of whom were also minors_.

The compromised details include the names, physical addresses, email addresses, phone numbers, work histories, dates of birth, height and weight, ethnicity, and physical features (hair color and length, etc.) of its subscribers and aspiring actors. Also, the database included the vehicle ownership information (model, color, year of manufacture, etc.) of users.

However, MyCastingFile has adopted the [phishing prevention best practices](/resources/phishing-prevention-best-practices/) and secured and brought down the database as soon as security researchers notified them of the same.

### Customized Zoom URLs: A Threat Factor

The Zoom feature that enables organizations to set [customized vanity URLs](https://www.securityweek.com/zooms-vanity-urls-could-have-been-abused-phishing-attacks?&web%5Fview=true) with their company name in it could be a possible gateway for adversaries to launch **phishing attacks**.

_Since users seldom visit these vanity URLs, attackers exploit these and pretend to be real employees of a company_. They then send meeting invitations to prospective victims using the company’s vanity URL. _Any unsuspecting user would fall into the trap and end up giving away his details to the attackers_.

Hence, users are advised to be very cautious and take necessary [phishing protection](/) measures while accessing Zoom URLs.

![What is spear phishing](https://media.mailhop.org/phishprotection/images/2020/07/what-is-spear-phishing-3791.jpg) 

### E-Learning Portals Compromise Student Data

Five e-learning portals, namely, Escola Digital, MyTopDog, Okoo, Square Panda, and Playground Sessions from Brazil, South Africa, Kazakhstan, and the US, respectively, have collectively exposed over [one million student records](https://www.infosecurity-magazine.com/news/one-million-online-student-records/?&web%5Fview=true).

The details include their full names, home, and email addresses, ID numbers, phone numbers, dates of birth, and course/school information. Researchers have warned that although some of these users aren’t presently active on these e-learning platforms, _they still are vulnerable to phishing and other cybercrimes_.

All users of these learning platforms should take adequate [anti-phishing measures](/products/advanced-threat-defense/) to avoid any cyber mishap.

### Yet Again, Cyberattack Hits Israel’s Water Department

_In yet another attack, Israel has succumbed to cyber attackers_. It’s the Israeli [Water Authority infrastructure](https://hamodia.com/2020/07/17/israeli-water-infrastructure-hit-cyberattacks/?web%5Fview=true) that was targeted in the recent breach. Two of their facilities were recently attacked, but luckily, their measures for [protection against phishing](/) came handy, and no damage was caused.

The attack targeted the agricultural water pumps in the Upper Galilee and failed in its pursuit because services were brought back up by local authorities immediately. Although there are no suspects this time, the attack serves as a cue to Israel to work on strengthening its **anti-phishing protection** measures.

### Tesco TV Fraud Gets Consumers Drooling

Tesco customers in the UK fell into a big **giveaway scam** that promised [free TVs to 500 lucky winners](https://www.infosecurity-magazine.com/news/consumers-targeted-tesco-scam/?&web%5Fview=true). _Over 100 unsuspecting users shared their details with the fraudsters who created a fake Facebook page resembling Tesco’s own and even sent them confirmation emails and SMS_.

The scammers convinced that 500 TVs with minor glitches were about to be thrown from Tesco’s warehouse. Still, they have decided to have a giveaway instead wherein 500 lucky winners who share the Facebook post shall win free TVs that are in working condition.

People need to be careful before believing every offer they find online. To **protect oneself from phishing**, _one must refrain from clicking on links that come embedded in spooky emails_.

### Bitcoin Scam Now Targets Bill & Melinda Gates Foundation

After the massive Bitcoin scam that happened on Twitter last week, the adversaries have now targeted the [Bill & Melinda Gates Foundation](https://www.hackread.com/bill-melinda-gates-foundation-bitcoin-phishing-scam/?web%5Fview=true). They have launched an **email phishing campaign** that impersonates the real Bill & Melinda Gates Foundation and demands Bitcoin from people.

The only difference in the domain name is the use of a capital ‘I’ in gatesfoundatlon\[.\]com. Although the scammer’s Bitcoin address hasn’t been able to fool any people so far, this **typosquatting attack** reemphasizes the significance of taking [phishing prevention tips](/content/phishing-prevention/) seriously.

### Blackbaud Succumbs Before Adversaries And Pays Ransom

The Cloud software provider Blackbaud recently underwent a [ransomware attack](https://www.securityweek.com/cloud-company-blackbaud-pays-ransomware-operators-avoid-data-leak?&web%5Fview=true) in which the attackers compromised and deleted a copy of a subset of its data from their self-hosted environment. Fearing that its impact would disturb their clients, Blackbaud chose to go in for a settlement with the threat actors. _They paid the demanded ransom to the adversaries and asked them to remove and destroy the copy of data stolen_.

Blackbaud is taking necessary [phishing prevention](/) measures and has also notified all affected customers to stay vigilant.

![What is spear phishing](https://media.mailhop.org/phishprotection/images/2020/07/what-is-spear-phishing-3792.jpg) 

### Data Breach At US Family Tree Software

In a recent data breach, details of over [60,000 users](https://www.infosecurity-magazine.com/news/genealogy-software-maker-exposes/?&web%5Fview=true) of US-based family tree maker software were compromised. _The breach happened because of a misconfigured cloud server that **leaked over 25GB** of their data_. 

The compromised user details include the email addresses, geolocation data, IP addresses, system user IDs, support messages, etc. which can be used to launch phishing or [identity theft attacks](/products/email-impersonation-protection/). Therefore users are advised to take necessary measures to **prevent phishing attacks**.

### South Korea’s COVID App Contains Security Risks

It has come to light recently that South Korea’s [mobile application](https://www.nytimes.com/2020/07/21/technology/korea-coronavirus-app-security.html?&web%5Fview=true) use to track details of COVID patients has dangerous **security loopholes**, which if exploited can expose the personal information of users like their name, date of birth, sex, nationality, address, phone number, real-time location, and medical symptoms.

In their haste to get the app functional among people, the government overlooked the security factors as a result of which [protection from phishing](/) is now at risk for their citizens. _Their blunder includes using encryption keys as primary and guessable as “1234567890123456,” which only made it easy for hackers to get in_.

### Netwalker Attacks Lorien Health Services

Lorien Health Services, a family-owned nursing home for the elders in Maryland [underwent a ransomware attack](https://healthitsecurity.com/news/lorien-health-services-ransomware-attack-impacts-48k-patients) recently. _The details of around 47,754 of its patients were compromised in this Netwalker attack_.

_After Lorien refused to pay the ransom, attackers leaked their data online_. They labeled it as “Part 1”, which implies that they might also have access to other Lorien information.

### Protect Your Organization

- [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/)
- [See how Phish Protection blocks threats in real time](/anti-phishing-tools/)

## Topics

[ Announcements ](/tags/announcements/) 

![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Protect your inbox from phishing attacks

Real-time email security with 60-day free trial. No credit card required.

[Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) 

## Related Articles

[  Intermediate 5m  Cybersecurity Updates For The Week 33 of 2022  Aug 22, 2022 ](/blog/cyber-security-news-update-week-33-2022/)[  Intermediate 6m  Cybersecurity Updates For The Week 41 of 2022  Oct 21, 2022 ](/blog/cybersecurity-news-21-oct-2022/)[  Intermediate 5m  Cybersecurity Updates For The Week 1 of 2021  Jan 1, 2021 ](/blog/cybersecurity-updates-for-the-week-1-of-2021/)[  Intermediate 6m  Cybersecurity Updates For The Week 1 of 2022  Jan 7, 2022 ](/blog/cybersecurity-updates-for-the-week-1-of-2022/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cybersecurity Updates For The Week 31 of 2020","description":"Cyberattacks are unavoidable till cyber adversaries continue to exist. Hence ensuring phishing attack prevention is a strenuous task.","url":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-31-of-2020/","datePublished":"2020-07-31T15:19:02.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2020-07-31T15:19:02.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-31-of-2020/"},"articleSection":"intermediate","keywords":"Announcements","wordCount":1070,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2020/07/what-is-spear-phishing-3791.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Cybersecurity Updates For The Week 31 of 2020","item":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-31-of-2020/"}]}
```