---
title: "Cybersecurity Updates For The Week 35 of 2021 | Phish Protection"
description: "Cybersecurity Updates For The Week 35 of 2021: Ransomware and phishing continue to remain some of the major causes of concern for global organizations . This."
image: "https://phishprotection.com/og/blog/cybersecurity-updates-for-the-week-35-of-2021.png"
canonical: "https://phishprotection.com/blog/cybersecurity-updates-for-the-week-35-of-2021/"
---

Quick Answer

The investigations by the Liberty group have confirmed that it was only a small dataset that was affected in the incident. ForHousing and Liberty have reassured associates that their priorities always include the safety of tenant and staff data. \_The group is currently working in collaboration with the relevant authorities and partners affected by the incident\_.

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-35-of-2021%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cybersecurity%20Updates%20For%20The%20Week%2035%20of%202021&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-35-of-2021%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-35-of-2021%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-35-of-2021%2F&title=Cybersecurity%20Updates%20For%20The%20Week%2035%20of%202021 "Share on Reddit") [ ](mailto:?subject=Cybersecurity%20Updates%20For%20The%20Week%2035%20of%202021&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-35-of-2021%2F "Share via Email") 

![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2021/08/stop-phishing-emails-0456.jpg) 

\_Ransomware and phishing \_ _continue to remain some of the major causes of concern for global organizations_. This week’s phishing headlines highlight the most significant data breaches and other [cyber attacks](/blog/is-covid-19-germinating-more-cyber-attacks/) that you need to read about to keep yourself updated so you can learn to thwart such attacks. 

### Ransomware Hits ForHousing and Liberty

_The Salford-based social housing group ForHousing and Liberty recently underwent a ransomware attack_ in which [attackers stole some of its data](https://www.infosecurity-magazine.com/news/data-stolen-social-housing/). While no staff or tenant data was affected, a small portion of data from the enterprise’s systems was stolen. The group had to bring down its systems for some time to ensure [protection against phishing](/).

The investigations by the Liberty group have confirmed that it was only a small dataset that was affected in the incident. ForHousing and Liberty have reassured associates that their priorities always include the safety of tenant and staff data. _The group is currently working in collaboration with the relevant authorities and partners affected by the incident_.

### Cyberattack Hits AT&T Just Days After Attack on T-Mobile

_The notorious attacking group ShinyHunters has put up a database with records of T-Mobile users for sale recently_. Within days, the group is [targeting yet another mobile service provider](https://cybernews.com/news/att-database-of-70-million-users-sold-on-hacker-forum/), AT&T. The AT&T database contains personally identifiable information of users such as the names, email addresses, social security numbers, and DOBs of **70 million users**. _It is now being sold at a starting price of $200,000_.

On its part, _AT&T claims that the data doesn’t come from its systems and is either inauthentic or stolen from other websites_. This is not the first time that AT&T is being targeted. The organization underwent a data breach in 2015, where it paid a **penalty of $25 million** for an insider breach. Even in May this year, adversaries tried to hire an AT&T employee to launch an insider attack. This incident highlights the importance of providing adequate cybersecurity [training to employees](/products/phishing-awareness-training/) for ensuring robust [phishing attack prevention](/) from attempts like these.

![Stop phishing emails](https://media.mailhop.org/phishprotection/images/2021/08/stop-phishing-emails-0456.jpg) 

### Data Breach At New York University

_The New York University recently underwent a data breach that exposed the personal information of around **47,000 individuals**_. Although it’s not sure whether these are students, employees, donors, or other associates, such an [attack is a cause of concern](https://portswigger.net/daily-swig/data-breach-at-new-york-university-potentially-affects-47-000-citizens) simply because of the extent to which the stolen data can be (mis)used.

_The breach was detected by the Research Foundation for the State University of New York_ (SUNY), who confirmed that the attack took place earlier this year and was found on 14th July. The Research Foundation’s network was breached between 22nd May and 9th July. Investigations began immediately after **detecting the attack**, and an external cybersecurity organization was hired to address the issue. The most unfortunate detail to note about the breach is the leak of Social Security Numbers.

Apart from informing law enforcement, the university took measures to contain the attack. It has extended one year of free credit monitoring and [identity theft protection](/blog/understanding-business-identity-theft-and-what-makes-businesses-vulnerable-to-these-identity-thefts/) to all affected individuals. It has also taken [anti-phishing](/) measures to avoid such attacks in the future.

### Cyber Partisans Group Compromised Belarusian Citizens’ Data

_The Cyber Partisans Group is a secretive hacking group that has recently attacked the Belarusian government and police_. Their objective is to access enough information about the [Lukashenka regime](https://cybernews.com/security/cyber-partisan-hack-targets-lukashenka-regime/) to highlight their crimes against Belarusian society. In this latest attack, a vast expanse of citizens’ **data was stolen**, starting from the PII of Belarusian citizens to phone call details of conversations between the supporters and opponents of the Lukashenka regime.

Associate Director at the Atlantic Council’s Digital Forensic Research Lab- Lukas Andriukaitis, calls this one of the most significant attacks by the Cyber Partisans group. _The group managed to steal the personal details of some of the inner circle members of the Lukashenka regime_, KGB employees, Belarusian security forces leadership employees, and intelligence officers.

The deadly attack **stole the PII** of all Belarusian citizens, including their addresses, passport photos, and office addresses, making it very difficult to ensure [phishing prevention](/) going forward. The Cyber Partisans group also compromised the police database, phone call details, CCTV footage, and work history of officers, _details they will eventually use to overthrow the government_. But everybody is aware of the brutal manner in which the Lukashenka regime handles opponents. It’s a matter of time before the anonymous members of the Cyber Partisans Group disappear.

### Data Breach At Hoosier State

_Thousands of Indiana residents had their data compromised owing to a data breach affecting a COVID-19 contact tracing survey by Hoosier State_. The organization left a misconfigured software [publicly available online](https://www.infosecurity-magazine.com/news/indiana-contact-tracing-data/). An unnamed vulnerability-hunting enterprise first noticed the loophole on 2nd July 2021\. Soon after, the state officials were informed about it. The **compromised information** included the residents’ names, DOBs, gender, ethnicity, and email addresses.

As per the Indiana Department of Health and the Indiana Office of Technology, the misconfiguration was resolved immediately to ensure [protection from phishing](/) attacks. Additionally, _the unnamed organization that detected the vulnerability_ returned all the sensitive information on 4th August and signed a certificate testifying that they have destroyed the data from their database.

The breach is unlikely to have any major implications as Hoosier does not store any social security numbers or medical records. But in an abundance of caution, Hoosiers will provide one year of free credit monitoring to all victims. Approximately **750k Indiana residents** were affected by the breach, and breach notifications will be sent out to each one of them.

### Ransomware Hits Brazil’s National Treasury

_Brazil’s National Treasury underwent a ransomware attack on 13th August 2021_. This particular [ransomware attack](https://www.zdnet.com/article/brazilian-national-treasury-hit-with-ransomware-attack/) comes after a **series of attacks** on the Brazilian government and organizations over the last year. Fortunately, none of the major structuring systems, such as the public debt administration, was affected. Operations of the Tesouro Direto were safe as well.

The Ministry of Economy was quick to take measures to ensure [protection from phishing](/). The Federal Police was informed, and the Ministry noted that all vital information about the incident would be shared in due course of time.

### Glitch At Chase Bank Website Exposes Customer Details

_JP Morgan Chase was unintentionally leaking the banking information of customers_, wherein a technical bug allowed users of its online banking website to view the banking details of fellow customers. The [exposed details](https://www.bleepingcomputer.com/news/security/chase-bank-accidentally-leaked-customer-info-to-other-customers/) include the names, bank account numbers, transaction lists, and statements. The bug persisted for about two months between 24th May and 14th July 2021 and impacted the customers using online banking and the Chase Mobile app services.

![Phishing definition](https://media.mailhop.org/phishprotection/images/2021/08/phishing-definition-4125.jpg) 

_Chase Bank posted a very vague notice informing customers of the technical issue causing the data breach_. It said that the exact circumstances under which a customer could access other customers’ details are unknown. So far, there is no evidence that would indicate the misuse of any customer information. Chase Bank customers must adopt its free credit monitoring facility and follow **cyber hygiene practices** to protect themselves from targeted phishing attacks.

### Ransomware Hits Memorial Health System, Ohio

_Ohio-based hospital Memorial Health System is the latest to be hit by ransomware_. Consequently, the [hospital systems were disrupted](https://www.govinfosecurity.com/memorial-health-system-in-ohio-latest-entity-hit-attack-a-17302), and it had to send its emergency care patients from three locations to other hospitals. The Memorial Health System **restricted user access** to the affected IT applications and implemented security protocols to ensure [anti-phishing protection](/). The Federal law enforcement was informed, and measures were taken to restore information operations at the earliest.

So far, there is no evidence of the compromise of any personal or financial patient data. _Cybersecurity researchers believe that the Hive ransomware group is responsible for this attack_. However, Memorial Health System is yet to disclose whether it received any ransom demands.

### Protect Your Organization

- [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/)
- [See how Phish Protection blocks threats in real time](/anti-phishing-tools/)

## Topics

[ Announcements ](/tags/announcements/) 

![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Protect your inbox from phishing attacks

Real-time email security with 60-day free trial. No credit card required.

[Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) 

## Related Articles

[  Intermediate 5m  Cybersecurity Updates For The Week 33 of 2022  Aug 22, 2022 ](/blog/cyber-security-news-update-week-33-2022/)[  Intermediate 6m  Cybersecurity Updates For The Week 41 of 2022  Oct 21, 2022 ](/blog/cybersecurity-news-21-oct-2022/)[  Intermediate 5m  Cybersecurity Updates For The Week 1 of 2021  Jan 1, 2021 ](/blog/cybersecurity-updates-for-the-week-1-of-2021/)[  Intermediate 6m  Cybersecurity Updates For The Week 1 of 2022  Jan 7, 2022 ](/blog/cybersecurity-updates-for-the-week-1-of-2022/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cybersecurity Updates For The Week 35 of 2021","description":"Cybersecurity Updates For The Week 35 of 2021: Ransomware and phishing continue to remain some of the major causes of concern for global organizations . This.","url":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-35-of-2021/","datePublished":"2021-08-26T09:12:05.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2021-08-26T09:12:05.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-35-of-2021/"},"articleSection":"intermediate","keywords":"Announcements","wordCount":1298,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2021/08/stop-phishing-emails-0456.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Cybersecurity Updates For The Week 35 of 2021","item":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-35-of-2021/"}]}
```