---
title: "Cybersecurity Updates For The Week 32 of 2021 | Phish Protection"
description: "Cybersecurity Updates For The Week 32 of 2021: Data breaches are a typical news headline in most cybersecurity updates today . There is no guarantee that."
image: "https://phishprotection.com/og/blog/cybersecurity-updates-for-the-week-32-of-2021.png"
canonical: "https://phishprotection.com/blog/cybersecurity-updates-for-the-week-32-of-2021/"
---

Quick Answer

The exact number of people affected by the breach is not known, but it is estimated that thousands of people may have been impacted. Soon after being notified of the \*\*security vulnerability\*\*, CPA secured the server. It was later confirmed that the server was public since 13th May. The CPS is investigating the breach (believed to be caused by human error) and has taken all necessary \[phishing protection\](/) measures.

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-32-of-2021%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cybersecurity%20Updates%20For%20The%20Week%2032%20of%202021&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-32-of-2021%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-32-of-2021%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-32-of-2021%2F&title=Cybersecurity%20Updates%20For%20The%20Week%2032%20of%202021 "Share on Reddit") [ ](mailto:?subject=Cybersecurity%20Updates%20For%20The%20Week%2032%20of%202021&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-32-of-2021%2F "Share via Email") 

![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2021/08/phishing-protection-1022.jpg) 

_Data breaches are a typical news headline in most cybersecurity updates today_. There is no guarantee that ransomware attackers won’t steal data from a system before giving away the decryption key. As such, organizations must adopt [phishing attack prevention](/) measures from the beginning so that the adversaries are left with any vulnerabilities or loopholes to exploit. The following cyber headlines throw light on the significant data breaches and **phishing attacks** that have occurred over the week

### Data Breach At Calgary Parking Authority

_The Calgary Parking Authority, which provides paid parking facilities to vehicle owners, left one of its logging servers unprotected online_, leaving it [_available for public access_](https://techcrunch.com/2021/07/28/calgarys-parking-authority-exposed-drivers-personal-data-and-tickets/?&web%5Fview=true). Consequently, the vehicle owners’ names, DOBs, email addresses, phone numbers, postal addresses, license plate details, vehicle descriptions, parking offenses, location data, and parking ticket details were exposed. In some cases, even the payment card details and expiry dates were compromised.

The exact number of people affected by the breach is not known, but it is estimated that thousands of people may have been impacted. Soon after being notified of the **security vulnerability**, CPA secured the server. It was later confirmed that the server was public since 13th May. The CPS is investigating the breach (believed to be caused by human error) and has taken all necessary [phishing protection](/) measures.

### Tallinn Man Steals Details Of Estonian Citizens From Govt. Website

_The Estonian Police recently arrested a Tallinn man for exploiting a government’s photo transfer service vulnerability_ and [making copies of the ID scans](https://www.bleepingcomputer.com/news/security/estonia-arrests-hacker-who-stole-286k-id-scans-from-govt-database/) of **over 286k Estonian citizens**. This data was extracted from the Identity Documents Database (KMAIS). The threat actor was arrested on 23rd July after the RIA was alerted of an unusual number of queries. The investigations revealed that the accused had citizens’ details but had not transferred or used the same for any malicious purpose.

The suspect had used citizens’ names and personal ID codes (which are easily accessible) to download their government document photos. Fortunately, these details cannot be used for financial transactions or e-services. The police shall notify all affected Estonians, and they need not worry about applying for new identity documents. _The Estonian Police is doing its best to prevent further **phishing attacks** and keep the citizens’ privacy intact_.

![Phishing protection](https://media.mailhop.org/phishprotection/images/2021/08/phishing-protection-1022.jpg) 

### Data Breach At Homewood Health Effects An Unknown Number Of People

_Ontario-based Homewood Health had undergone a cyberattack earlier this year_, and it is only now that the healthcare provider is notifying the affected agencies and companies. Among the victims of the incident are TransLink, BC Housing, and the Provincial Health Services Authority. Though [Homewood Health](https://bc.ctvnews.ca/unknown-number-of-british-columbians-personal-information-for-sale-online-after-health-company-extorted-1.5525715?&web%5Fview=true) has not given out the exact number of agencies and people affected by the [security breach](/blog/all-those-security-breaches-are-finally-coming-home-to-roost/), it has notified them.

_The adversaries have leaked the stolen information on Marketo’s data leak site_, where hundreds of bidders are contesting for its possession. As per reports, at least some of this information available online is authentic. Homewood Health is working in collaboration with external cybersecurity experts to investigate the breach. So far, _they have found no evidence of unauthorized access to their internal systems_. As investigations continue, the victims of this breach must closely monitor their online accounts, look out for phishing texts and adopt [anti-phishing](/blog/get-an-insight-on-various-types-of-anti-phishing-services/) measures.

### Cyberattack At Express MRI Exposes Patient Data

_Georgia-based medical imaging center Express MRI recently underwent a data breach that exposed the confidential medical information of its patients_. [Unauthorized third parties had accessed](https://portswigger.net/daily-swig/us-medical-imaging-center-reports-possible-data-breach-after-emails-nbsp-accessed?&web%5Fview=true) an Express MRI email account on 10th July 2020 and sent emails to the center’s contacts. The initial investigation had not suggested any **data breach** and the second investigation, which concluded in June 2021, also indicated the same. 

However, the adversaries’ data may have had access to include the patients’ names, email addresses, DOBs, addresses, names of the referring physicians, details of the body part scanned, etc. However, no Social Security numbers were likely accessed. Express MRI regrets this unfortunate incident and has **adopted cybersecurity** measures to [ensure protection](/blog/protection-from-phishing-a-growing-threat-in-todays-information-age/) in the future.

### Taiwanese High-Level Dignitaries Targeted In LINE Attack

The Japanese instant messaging app LINE is the second-most popular messaging application in Taiwan. Recently, _the LINE accounts of over a hundred Taiwanese dignitaries (state cabinet members, mayors, politicians, government officials, military personnel, etc.) were hacked._ The [adversaries exfiltrated the data](https://therecord.media/line-accounts-for-more-than-100-taiwanese-politicians-were-hacked/) stored on their devices. The company discovered this security blunder and immediately notified the victims.

_The victims were asked to enable the message encryption feature for their accounts_ to ensure [protection against phishing](/). LINE confirmed the attack on its website and announced that investigations continue to get to the roots of the attack.

### Cyberattack Hits UC San Diego Health

The UC San Diego Health, California, [underwent a data breach](https://www.bleepingcomputer.com/news/security/uc-san-diego-health-discloses-data-breach-after-phishing-attack/) for four months between 2nd December 2020 and 8th April 2021\. During that time, the _adversaries had access to some of the health system’s employee email accounts_. Regarded as one of the best hospitals, UC San Diego Health, was first notified of the **suspicious activity** on 12th March in the US. After the initial investigation, the unauthorized access was contained and removed on 8th April.

_The health system has reported the incident to the FBI and law enforcement_. It is suspected that the adversaries accessed the PII (Personally Identifiable Information) of students and employees and patients’ PHI (Protected Health Information) during the four-month breach period. Although there is no evidence of any data misused, the adversaries may have accessed the names, DOBs, email addresses, and addresses of victims. The other compromised details include claim information, fax numbers, medical record numbers, laboratory results, prescription and treatment details, social security numbers, payment card information, usernames, passwords, student ID numbers, etc.

_UC San Diego Health has informed all involved parties of the breach_. It also has changed employee credentials, enhanced overall **cybersecurity posture**, and disabled access points for further protection. The health system urges victims to look out for suspicious activities in their accounts or fraudulent messages.

![Phishing protection](https://media.mailhop.org/phishprotection/images/2021/08/phishing-protection-1023.jpg) 

### 2M BRI Life Customer Data Compromised

_The insurance wing of Indonesia’s Bank Rakyat Indonesia (BRI) called BRI Life underwent a cyberattack recently_, which exposed the personal details of **over two million customers**. The unknown threat actors have put up 460k documents from this data scrap for [sale on the dark web](https://www.reuters.com/business/finance/indonesias-bri-life-probes-reported-data-leak-2-million-users-2021-07-27/).

The cybersecurity firm Hudson Rock has evidence proving that several BRI and BRI Life computers were compromised (probably leading to the massive data breach). _The 460k stolen documents are up for sale on RaidForum for $7000_. The post is accompanied by a 30-minute demo video exhibiting the types of customer data stolen from BRI Life. These include their taxpayer information, bank account details, and identity cards.

BRI Life is currently working with external cybersecurity experts to investigate the breach and **tighten the security** of its online operations. The company specified that it holds customers’ data privacy as an important element of its operations and never shares their data with any third parties that could compromise it in any way.

### Ransomware Hits City Of Grass Valley

_The City of Grass Valley recently underwent a ransomware attack_. However, in this [particular attack](https://sacramento.cbslocal.com/2021/07/29/grass-valley-cyberattack-ransom/), the city officials decided to comply with the adversaries’ ransom demands. When asked why the city didn’t adopt other modes of retrieving data, _it was found that the ransom was paid to protect citizens from future victimization and not merely restore the city’s systems_.

_An interviewed citizen said that paying the demanded ransom encourages the attackers and pushes netizens to even more vulnerable territories_. Although the city has not revealed the ransom amount, it did indicate that there has been an expense of $50,000\. The affected city services include some discretionary outages. The city has adopted measures to ensure [protection against phishing](/) in the future and informed the FBI. Investigations continue to get to the roots of the attack. Meanwhile, the city has made free credit monitoring available for all citizens, worrying that their data might have been breached.

### Protect Your Organization

- [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/)
- [See how Phish Protection blocks threats in real time](/anti-phishing-tools/)

## Topics

[ Announcements ](/tags/announcements/) 

![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Protect your inbox from phishing attacks

Real-time email security with 60-day free trial. No credit card required.

[Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) 

## Related Articles

[  Intermediate 5m  Cybersecurity Updates For The Week 33 of 2022  Aug 22, 2022 ](/blog/cyber-security-news-update-week-33-2022/)[  Intermediate 6m  Cybersecurity Updates For The Week 41 of 2022  Oct 21, 2022 ](/blog/cybersecurity-news-21-oct-2022/)[  Intermediate 5m  Cybersecurity Updates For The Week 1 of 2021  Jan 1, 2021 ](/blog/cybersecurity-updates-for-the-week-1-of-2021/)[  Intermediate 6m  Cybersecurity Updates For The Week 1 of 2022  Jan 7, 2022 ](/blog/cybersecurity-updates-for-the-week-1-of-2022/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cybersecurity Updates For The Week 32 of 2021","description":"Cybersecurity Updates For The Week 32 of 2021: Data breaches are a typical news headline in most cybersecurity updates today . There is no guarantee that.","url":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-32-of-2021/","datePublished":"2021-08-05T14:11:53.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2021-08-05T14:11:53.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-32-of-2021/"},"articleSection":"intermediate","keywords":"Announcements","wordCount":1327,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2021/08/phishing-protection-1022.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Cybersecurity Updates For The Week 32 of 2021","item":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-32-of-2021/"}]}
```