---
title: "Cybersecurity Updates For The Week 33 of 2021 | Phish Protection"
description: "While an enterprise may agree to pay the demanded ransom, there remains the risk of attackers putting up the organization"
image: "https://phishprotection.com/og/blog/cybersecurity-updates-for-the-week-33-of-2021.png"
canonical: "https://phishprotection.com/blog/cybersecurity-updates-for-the-week-33-of-2021/"
---

Quick Answer

While an enterprise may agree to pay the demanded ransom, there remains the risk of attackers putting up the organization's sensitive data for sale on the dark web. Therefore, it is necessary to \*\*stop ransomware and phishing\*\* attacks at their root. \_The easiest way to do that is by keeping abreast of the latest phishing news\_ and adopting \[phishing protection\](/) measures beforehand. Here are the top phishing and ransomware headlines of this week.

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-33-of-2021%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cybersecurity%20Updates%20For%20The%20Week%2033%20of%202021&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-33-of-2021%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-33-of-2021%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-33-of-2021%2F&title=Cybersecurity%20Updates%20For%20The%20Week%2033%20of%202021 "Share on Reddit") [ ](mailto:?subject=Cybersecurity%20Updates%20For%20The%20Week%2033%20of%202021&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-33-of-2021%2F "Share via Email") 

![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2021/08/spear-phishing-protection-0631.jpg) 

While an enterprise may agree to pay the demanded ransom, there remains the risk of attackers putting up the organization’s sensitive data for sale on the dark web. Therefore, it is necessary to **stop ransomware and phishing** attacks at their root. _The easiest way to do that is by keeping abreast of the latest phishing news_ and adopting [phishing protection](/) measures beforehand. Here are the top phishing and ransomware headlines of this week.

### Data Stolen From Electronic Arts Leaked

Last month, _Electronic Arts (EA) underwent a ransomware attack_. The cyber adversaries stole a significant portion of data stored on their systems, including the source code of the FIFA 21 soccer game and EA’s server-side services. The adversaries had first [demanded a ransom](/resources/top-all-time-ransomware-demands-by-hackers/) from Electronic Arts (before 10th June). Still, after the company refused to comply with these demands, the [data was dumped](https://therecord.media/hackers-leak-full-ea-data-after-failed-extortion-attempt/) on an underground forum on 26th July 2021.

The adversaries were initially selling this EA **database for $28 million**, but since they could not find any buyers for these source codes (with no personal or financial data of users), _they released a cache of the FIFA source codes (1.3 GB in size) for free_ on 14th July. Two weeks later, all of the data stolen from EA was available for free on the dark web. The adversaries claim they gained access to EA’s data by buying authentication cookies from their internal Slack channel available on Genesis (a dark market channel) and mimicking an EA employee whose account was already logged in.

_780 GB of source code was compromised from EA’s internal code repositories_; however, the company believes that no information **affecting the privacy or identity** of players was affected by this. Nonetheless, EA has adopted necessary [phishing attack prevention](/) measures to ensure that no such incident can disrupt its games and business in the future.

### Thailand’s New Vaccine Site Exposes Details Of 20k Applicants

_Thailand’s first vaccine booking site, expatvac.consular.go.th received applications from thousands of people within minutes of being launched_. However, over 20,000 applicants reported that their [data was publicly available online](https://thethaiger.com/coronavirus/foreigners-able-to-register-on-vaccine-site-despite-data-leaks-glitches) without any protection. A range of other problems has been reported about the site. But the officials dealt with these errors proactively and tried to resolve them as soon as possible. The [data breach](/blog/6-biggest-data-breaches-from-recent-years-that-lay-down-the-importance-of-adopting-anti-phishing-cybersecurity-tools/) was **quickly patched**, and people received emails confirming their registration at the end of the process.

People reported that the site would frequently crash, and they would have to start their registration all over again, but after repeated attempts, they could finally get a vaccine appointment. As the Thailand officials strive to ensure [phishing prevention](/), _they urge foreigners to keep trying to register for the vaccine on the website_.

![Spear phishing protection](https://media.mailhop.org/phishprotection/images/2021/08/spear-phishing-protection-0631.jpg) 

### Cyberattack At Guard.Me Affects SD73 Students

_Guard.me, the travel and medical insurance provider for the international students of School District No. 73 (SD73, Kamloops-Thompson) recently [underwent a cyberattack](https://cfjctoday.com/2021/08/01/sd73s-insurance-provider-for-international-students-suffers-cybersecurity-breach/)_. Consequently, the personal information of some of the present and past international students were affected. These details include their identity information, contact details, and other data submitted for admission. Though SD73 isn’t directly responsible for the breach, it informed the students of the incident and took the required [anti-phishing protection](/products/advanced-threat-defense/) measures.

In addition to this, the school district has asked all affected students to _keep a close eye on their financial statements and change their login details_ for all other accounts where they might have used the same password. Students are also advised to check with Guard.me for any credit monitoring services or measures provided to prevent further **phishing attacks**.

### Personal Details Of 35 Million US Residents Exposed

_An unprotected AWS database whose owner remains unidentified was recently discovered by the researchers at Comparitech_ on 26th June 2021\. This [publicly available database](https://www.hackread.com/household-data-database-us-residents-exposed/) contained the personal details of **around 35 million** Chicago, Los Angeles, and San Diego residents. The strange thing about the incidence is that the time zone is set to Kolkata, India, for this database.

_It is assumed that the database is the scraping attempt of a marketing firm that didn’t do a good job configuring the server_. The **information exposed** through this database includes the full names, DOBs, gender, email addresses, ethnicities, residential addresses, contact details, and marital status of victims. The data was scraped between 2010 and May 2021 and remained publicly available until a month after being discovered. This database contained users’ personally identifiable information (PII), and it is not yet known where this data was collected from. The best thing to do for those affected by the breach is to take [anti-phishing measures](/blog/sim-swap-fraud-the-reason-why-you-must-adopt-robust-anti-phishing-measures-besides-2fa/) and keep looking out for anomalies.

### Ransomware Hits Isle Of Wight Education Federation

_The Isle of Wight Education Federation recently underwent a ransomware attack_ because of which the systems of six schools have been offline since 30th July, Friday. These schools include Barton Primary, Lanesend Primary, Hunnyhill Primary, Carisbrooke College, Medina College, and Island 6th Form. Along with encrypting the IT systems, the [adversaries also stole data](https://www.grcworldforums.com/uk/isle-of-wight-schools-struck-by-ransomware-attack/2322.article) from the schools.

_The federation is working with the Department of Education, Isle of Wight Council, and the Police Cybercrime Unit to get to the roots of the attack_. The federation has resolved to adopt **effective measures** to ensure [protection from phishing](/) attacks in the future.

### Misconfigured S3 Bucket Belonging To Reindeer Exposes Client Information

The American marketing company Reindeer, formerly associated with Tiffany & Co., Patrón Tequila, and other brands, was [recently exposed to customers’ details](https://www.securitymagazine.com/articles/95782-reindeer-leaked-the-sensitive-data-of-more-than-300000-people) through a misconfigured Amazon S3 bucket. Over **50,000 files** (32 GB of data) _contained in the database were left unprotected online by the company_, which is no longer operational. Since Reindeer cannot be reached, the researchers who discovered the database had to approach Amazon directly to get the database removed.

_More than 300,000 customers have their details compromised in this Reindeer data breach_, with most of Patron’s customers (client of Reindeer) losing their PII. Around 1400 profile pictures and names, DOBs, residential addresses, email addresses, Facebook IDs, and _hashed passwords of **about 306,000 customers** were exposed_. One hundred thousand phone numbers were also leaked in the incident, which affected 35 countries (Great Britain, Canada, and the US being the top three countries). The information stored in the database dated back to 2nd May 2007\. Affected individuals must adopt [phishing prevention best practices](/resources/phishing-prevention-best-practices/) to ensure that none of their compromised data can be used against them.

### Customer Database Belonging To Starhub Found On A Dump Site

_A customer database belonging to the Singapore telco, StarHub was recently found on a third-party data dumpsite_. This database contained StarHub’s customer details (dating back to 2007), including their phone numbers and email addresses. The [database was discovered](https://www.zdnet.com/article/starhub-suffers-data-breach-but-says-no-system-was-compromised/) by StarHub’s internal cybersecurity team in one of their **regular online surveillance** on 6th July. However, it’s only now that StarHub has begun notifying the affected customers.

A total of **57,191 customers** (who had applied for StarHub services before 2007) lost their email addresses, phone numbers, and identity card numbers in this breach. While StarHub is reluctant to reveal whether any existing customers were affected by the incident, _it is expected to take two weeks to inform and caution all affected individuals_. StarHub regrets the incident and is taking necessary [anti-phishing measures](/blog/ransomware-hits-reason-why-businesses-need-to-adopt-robust-anti-phishing-measures/) to create a secure system for its customers.

![Spear phishing protection](https://media.mailhop.org/phishprotection/images/2021/08/spear-phishing-protection-0632.jpg) 

### Data Breach Hits OT Group

_The Singaporean real estate group, OT Group (the parent company of OrangeTee Advisory and OrangeTee & Tie) recently [underwent a data breach](https://www.channelnewsasia.com/business/orangetee-data-security-breach-real-estate-2096391)_. The company’s website has been down since 6th August after the adversaries emailed it claiming to have accessed its IT systems.

OT Group immediately launched an investigation and reported the incident to the concerned authorities. If the investigation indicates a possibility of **data compromise**, OT Group will take measures for [protection against phishing](/) and inform all affected customers. Till then, all customers seeking clarification must contact the company’s customer reps.

### Protect Your Organization

- [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/)
- [See how Phish Protection blocks threats in real time](/anti-phishing-tools/)

## Topics

[ Announcements ](/tags/announcements/) 

![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Protect your inbox from phishing attacks

Real-time email security with 60-day free trial. No credit card required.

[Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) 

## Related Articles

[  Intermediate 5m  Cybersecurity Updates For The Week 33 of 2022  Aug 22, 2022 ](/blog/cyber-security-news-update-week-33-2022/)[  Intermediate 6m  Cybersecurity Updates For The Week 41 of 2022  Oct 21, 2022 ](/blog/cybersecurity-news-21-oct-2022/)[  Intermediate 5m  Cybersecurity Updates For The Week 1 of 2021  Jan 1, 2021 ](/blog/cybersecurity-updates-for-the-week-1-of-2021/)[  Intermediate 6m  Cybersecurity Updates For The Week 1 of 2022  Jan 7, 2022 ](/blog/cybersecurity-updates-for-the-week-1-of-2022/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cybersecurity Updates For The Week 33 of 2021","description":"While an enterprise may agree to pay the demanded ransom, there remains the risk of attackers putting up the organization's sensitive data for sale on the dark.","url":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-33-of-2021/","datePublished":"2021-08-12T08:10:21.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2021-08-12T08:10:21.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-33-of-2021/"},"articleSection":"intermediate","keywords":"Announcements","wordCount":1321,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2021/08/spear-phishing-protection-0631.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Cybersecurity Updates For The Week 33 of 2021","item":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-33-of-2021/"}]}
```