---
title: "Cybersecurity Updates For The Week 34 of 2021 | Phish Protection"
description: "Cybersecurity Updates For The Week 34 of 2021: There can never be an assurance of complete phishing attack prevention attached to any cybersecurity solution."
image: "https://phishprotection.com/og/blog/cybersecurity-updates-for-the-week-34-of-2021.png"
canonical: "https://phishprotection.com/blog/cybersecurity-updates-for-the-week-34-of-2021/"
---

Quick Answer

There can never be an assurance of complete \[phishing attack prevention\](/) attached to any \*\*cybersecurity solution\*\*. \_Cyber adversaries are getting sophisticated and innovative by the day\_, and a mere click on a link received in a spam email is enough to jeopardize your information assets today. However, it does not mean that organizations must not take any measures. One of these crucial measures includes studying recent cyberattacks that can help you devise a comprehensive \[phishing attack prevention strategy\](/content/phishing-awareness-training/phishing-awareness-tips/). Here are

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-34-of-2021%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cybersecurity%20Updates%20For%20The%20Week%2034%20of%202021&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-34-of-2021%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-34-of-2021%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-34-of-2021%2F&title=Cybersecurity%20Updates%20For%20The%20Week%2034%20of%202021 "Share on Reddit") [ ](mailto:?subject=Cybersecurity%20Updates%20For%20The%20Week%2034%20of%202021&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-34-of-2021%2F "Share via Email") 

![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2021/08/phishing-prevention-4235.jpg) 

There can never be an assurance of complete [phishing attack prevention](/) attached to any **cybersecurity solution**. _Cyber adversaries are getting sophisticated and innovative by the day_, and a mere click on a link received in a spam email is enough to jeopardize your information assets today. However, it does not mean that organizations must not take any measures. One of these crucial measures includes studying recent cyberattacks that can help you devise a comprehensive [phishing attack prevention strategy](/content/phishing-awareness-training/phishing-awareness-tips/). Here are the top phishing headlines from last week.

### Data Breach Affects 3,200 Children From Daycares at the Durham Region

_Around 3200 children from some 80 Toronto-based daycares have their vaccination records exposed online since March 2021_. The information was stolen from [cyberattacks on the daycares of Durham](https://toronto.ctvnews.ca/cyberattack-hits-vaccine-records-for-thousands-of-durham-region-children-ctv-news-investigation-1.5543525) Region and posted on a **data leak** site owned by a Ukrainian group. When the parent of a two-year-old received a notification that some of his information was leaked, he was clueless about the nature of the **compromised data** and could take no specific measures to [prevent phishing](/) attacks.

Some daycares have been instructed to stop sending out vaccination details to ensure that no vaccination details get leaked further. Kindertots Child Care Centre in Ajax has been keeping track of its vaccination details independently since it was first informed of the breach in April. From the looks of it, _threat actors at the CLOP group may have gained access to an Accellion file transfer system_. As per the latest updates, the Accellion software has now been fixed. However, the Durham region has stopped using the third-party (Accellion) software. Although the nature of the **information leaked** is of little significance to launch further attacks, it is still irresponsible to let sensitive information be accessed by threat actors this way.

### Data Breach Hits Employees of US Waste Management Firm

_Waste Management Resources is a US waste management firm that [underwent a cyberattack](https://portswigger.net/daily-swig/data-breach-at-us-waste-management-firm-exposes-employees-healthcare-details) back in January 2021_. The firm notified the affected employees and mentioned the information exposed. The exposed details included the names, driver’s license numbers, DOBs, Social Security Numbers, government and state ID numbers, taxpayer-identification numbers, and banking and card details of employees. It further exposed the medical information of employees and their dependents and other information such as usernames, passport numbers, email addresses, and passwords of financial accounts. Such an extensive collection of information, if stolen and exposed, can most certainly put a person’s **identity at risk**.

Soon after detecting the attack on 21 January, the firm launched an investigation which revealed that \_the attackers accessed their HR Resources between 21-23 January 202\_1\. While this breach did not affect the firm’s operations, the exposure of the **sensitive information** belonging to employees and their dependents is a cause of grave concern. All affected individuals must keep an eye on their credit reports and take necessary [anti-phishing protection](/products/advanced-threat-defense/) measures.

### Cyberattack Hits FOID Card Holders In Illinois

_The Illinois State Police (ISP) underwent a cyberattack last week in which the adversaries accessed its Firearm Owners Identification (FOID) card portal_. Consequently, the personal information of **over 2,000 citizens** possessing [FOID cards was compromised](https://1440wrok.com/illinois-foid-card-system-hit-by-cyber-attack/). 

As part of their [anti-phishing measures](/blog/ransomware-hits-reason-why-businesses-need-to-adopt-robust-anti-phishing-measures/), the ISP has disabled some of their online account features. They have also reached out to all the 2,000 FOID cardholders and limited the use and access of the sensitive information submitted by citizens on the portal. _This isn’t the first time that a cyberattack has hit the Illinois State government_. It was just in April that the government **spent $2.5 million** in taxpayer money to reestablish compromised systems. The Illinois Department of Employment Security has had the same fate too.

![Phishing prevention](https://media.mailhop.org/phishprotection/images/2021/08/phishing-prevention-4235.jpg) 

### Ransomware Hits St. Joseph’s Candler, Georgia

St. Joseph’s/Candler (SJ/C) is one of the leading [health systems in Georgia](https://www.infosecurity-magazine.com/news/data-breach-at-georgia-health/), which was _undergoing a data breach for six months (between December 2020 and June 2021)_. The breach ultimately culminated into a [ransomware attack](/resources/ransomware-attack-why-organizations-pay-ransom/) which was first discovered on 17 June 2021\. Since its computer systems were brought down, the hospital used social media to inform patients about the security incident. SJ/C took immediate measures to **limit the impact** of the attack and isolated the infected systems.

As investigations continued, SJ/C took to traditional methods and used pen and paper to complete their paperwork. However, medical procedures such as imaging, surgery, primary care, and physician appointments remained unaffected. The investigation revealed that the PII and PHI (names, addresses, social security numbers, DOBs, driver’s license number, billing details, patient account number, financial and health insurance plan member ID, medical history etc.) of SJ/C employees and patients were accessed by the attackers. Therefore, the hospital began notifying them around 10 August. As part of its measures for [protection against phishing](/), _the hospital is providing free identity protection and credit monitoring to all victims_.

### Data Breach At SeniorAdvisor

_The US-based senior care review website SeniorAdvisor recently underwent a data breach that affected millions of senior citizens in North America_. SeniorAdvisor left a [misconfigured Amazon S3 bucket](https://www.infosecurity-magazine.com/news/senior-citizens-personal-data/) with the personal information of millions of people in it, available online without any encryption. Consequently, **182 GB of their data** was exposed, including citizens’ names, phone numbers, and email addresses. The files belong to users from the period 2002-2013.

After being notified, SeniorAdvisor **secured the database**, but this still does not assure [security from phishing](/blog/a-brief-email-security-and-phishing-safety-guide-useful-for-it-and-email-administrators/) attacks for all those users whose personal information was accessible online for an unknown period before discovery. This attack calls for special worries because the affected group involves senior citizens who are more susceptible to cyberattacks. Even if SeniorAdvisor adopts the [phishing prevention best practices](/resources/phishing-prevention-best-practices/) now, it can still not protect all its affected users, who are primarily senior citizens.

### Data Breach Hits New York City Public School Students And Employees

_Over 3,000 New York City Public school students and 100 staff members from the education department had their personal information exposed in a recent data breach_. Although the education department hasn’t disclosed how the breach occurred, it was reported that at least one student in the [school system could access Google Drive](https://ny.chalkbeat.org/2021/8/5/22612388/data-breach-nyc-students-staff-google-drive) containing all this private information about students and staff. The information contained on Drive included the academic records (in the case of students) and biographical data (of students and staff).

![Phishing prevention best practices](https://media.mailhop.org/phishprotection/images/2021/08/phishing-prevention-best-practices-5135.jpg) 

Fortunately, social security numbers were not recorded by the city.\_ All affected individuals were notified about the breach via email\_. Investigations suggest no evidence of the data being misused or shared further. Nonetheless, _the education department is offering two years of free credit monitoring to all affected individuals_.

### Cyberattack Hits Chanel Korea

_The South Korean unit of the luxury brand Chanel recently underwent a cyberattack_ where the adversaries [accessed a database](http://www.koreaherald.com/view.php?ud=20210809000699) containing the PII of some of the customers from the Fragrance and Beauty division. The compromised information included their names, phone numbers, DOBs, and shopping histories. However, no user IDs, passwords, or payment details were exposed in the incident.

Chanel Korea profoundly regrets this unfortunate incident and apologizes to all customers whose information was leaked. All affected individuals were notified via texts and emails. Chanel urges all customers worried about **data theft** to approach them and take [phishing protection](/) measures at an individual level. _Chanel launched an investigation and employed an external cybersecurity firm to get to the roots of the attack_. Immediately after detecting the source of the breach, they **blocked the IP** address responsible for it. The case was then handed over to the government authority KISA, which now investigates it along with the PIPC.

### Protect Your Organization

- [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/)
- [See how Phish Protection blocks threats in real time](/anti-phishing-tools/)

## Topics

[ Announcements ](/tags/announcements/) 

![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Protect your inbox from phishing attacks

Real-time email security with 60-day free trial. No credit card required.

[Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) 

## Related Articles

[  Intermediate 5m  Cybersecurity Updates For The Week 33 of 2022  Aug 22, 2022 ](/blog/cyber-security-news-update-week-33-2022/)[  Intermediate 6m  Cybersecurity Updates For The Week 41 of 2022  Oct 21, 2022 ](/blog/cybersecurity-news-21-oct-2022/)[  Intermediate 5m  Cybersecurity Updates For The Week 1 of 2021  Jan 1, 2021 ](/blog/cybersecurity-updates-for-the-week-1-of-2021/)[  Intermediate 6m  Cybersecurity Updates For The Week 1 of 2022  Jan 7, 2022 ](/blog/cybersecurity-updates-for-the-week-1-of-2022/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cybersecurity Updates For The Week 34 of 2021","description":"Cybersecurity Updates For The Week 34 of 2021: There can never be an assurance of complete phishing attack prevention attached to any cybersecurity solution.","url":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-34-of-2021/","datePublished":"2021-08-20T09:13:31.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2021-08-20T09:13:31.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-34-of-2021/"},"articleSection":"intermediate","keywords":"Announcements","wordCount":1257,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2021/08/phishing-prevention-4235.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Cybersecurity Updates For The Week 34 of 2021","item":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-34-of-2021/"}]}
```