---
title: "Cybersecurity Updates For The Week 36 of 2021 | Phish Protection"
description: "Cybersecurity Updates For The Week 36 of 2021: Ransomware and phishing scams together account for a majority of the cyberattacks that happen every year ."
image: "https://phishprotection.com/og/blog/cybersecurity-updates-for-the-week-36-of-2021.png"
canonical: "https://phishprotection.com/blog/cybersecurity-updates-for-the-week-36-of-2021/"
---

Quick Answer

Brazil's largest clothing department store chain with \*\*over 600 stores\*\* across three countries, \_Lojas Renner recently underwent a \*\*ransomware attack\*\* that affected its online shopping portal\_. As per reports, the RansomExx gang is responsible for this \[attack on Renner\](https://therecord.media/ransomware-hits-lojas-renner-brazils-largest-clothing-store-chain/), which brought down its IT infrastructure. Some chaos and misinformation were being spread when Renner first disclosed the breach on the Brazilian stock market on 26th August 2021\. However, the enterprise confirmed that none of its offline stores were impacted

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-36-of-2021%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cybersecurity%20Updates%20For%20The%20Week%2036%20of%202021&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-36-of-2021%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-36-of-2021%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-36-of-2021%2F&title=Cybersecurity%20Updates%20For%20The%20Week%2036%20of%202021 "Share on Reddit") [ ](mailto:?subject=Cybersecurity%20Updates%20For%20The%20Week%2036%20of%202021&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-36-of-2021%2F "Share via Email") 

![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2021/09/phishing-attack-prevention-0374.jpg) 

_Ransomware and phishing scams together account for a majority of the cyberattacks that happen every year_. This week’s news headlines cover the major [phishing scams](/blog/the-latest-phishing-scams-hackers-can-bypass-two-factor-authentication/) from the past few days and re-emphasize the importance of **anti-phishing measures** for individuals and organizations.

### Ransomware Hits Lojas Renner

Brazil’s largest clothing department store chain with **over 600 stores** across three countries, _Lojas Renner recently underwent a **ransomware attack** that affected its online shopping portal_. As per reports, the RansomExx gang is responsible for this [attack on Renner](https://therecord.media/ransomware-hits-lojas-renner-brazils-largest-clothing-store-chain/), which brought down its IT infrastructure. Some chaos and misinformation were being spread when Renner first disclosed the breach on the Brazilian stock market on 26th August 2021\. However, the enterprise confirmed that none of its offline stores were impacted by the breach and that outlets were still open for shoppers.

Though this remains confirmed, some researchers believe that _RansomExx compromised the Renner servers by first attacking its IT and digital services provider_, Tivit. When asked, Tivit denied having undergone any attacks. Renner, too, was found downplaying the severity of the incident, and it remains uncertain whether the threat actors stole files from its servers. Yet another unconfirmed update about the Renner attack is that the organization paid a **ransom of $20 million** to the threat actors to procure the decryptor. One can only hope that Lojas Renner adopts [phishing protection](/) measures and notifies its online shoppers about the breach in due time.

### Email Phishing Scam Targets Revere Health

_An employee of the healthcare enterprise Revere Health fell for an email phishing attack recently_. Consequently, the medical records of **over 12,000 patients** were compromised. Although the account was [under the control of adversaries](https://www.thespectrum.com/story/news/2021/08/23/phishing-attack-exposes-information-12-000-patients-st-george/8214230002/) for just 45 minutes on 21st June, it is suspected that employee details and patient records were stolen to launch targeted **phishing attacks** later.

After two months of investigation, _Revere Health declared that the adversaries probably had no intentions of leaking the stolen data_. Therefore, the attack was categorized as a low-risk one. The compromised information included the DOBs of patients and other details such as insurance provider names. However, no financial information was lost to the breach.

To ensure [phishing attack prevention](/), Revere Health has enhanced its cybersecurity measures to include [test-phishing emails](/products/phishing-simulation/). Employees who respond to the test-phishing email need to take the [awareness training](/products/phishing-awareness-training/) from the IT department.

### Town of Peterborough Loses $2.3 Million to BEC Scam

_The Town of Peterborough, New Hampshire, recently underwent a BEC scam_ in which the city was **robbed of $2.3 million**. The adversaries used spoofed email accounts to trick town employees into redirecting a **$1.2 million monthly** transfer to the ConVal School District to their accounts. Similar fraud transactions amounting to $ 2.3 million (equivalent to about 15% of the town’s yearly budget) were redirected to wrong accounts.

![Phishing attack prevention](https://media.mailhop.org/phishprotection/images/2021/09/phishing-attack-prevention-0374.jpg) 

The two other [fake transactions](https://therecord.media/scammers-steal-2-3-million-from-small-us-town/) robbed the payments due for the contractors, Beck and Bellucci. Investigations revealed that the malicious actors converted the stolen funds into cryptocurrency immediately, thus making a recovery of the amount a near-impossible task. The unfortunate update is that the losses may not all be covered by cybersecurity and [phishing prevention](/) insurance. Therefore, involved town employees (with no fault of their own except their inability to verify the legitimacy of the emails) were put on leave.

### Ransomware Hits The Swiss Town Rolle

_A **ransomware attack** recently targeted the Swiss town Rolle which led to the compromise of the personal details_ of all the\*\* 6,200 residents\*\* of the town. The adversaries got into the administrative servers and [stole sensitive files](https://securityaffairs.co/wordpress/121470/cyber-crime/swiss-town-rolle-ransomware.html). The municipal government presented a different picture of the attack and said none of the significant servers were affected by the breach and had a backup for the exposed files.

However, the reality was quite the opposite. The Vice Society ransomware gang was responsible for the Rolle attack where _they stole gigabytes of data and posted it on the dark web_. The town authorities kept downplaying the attack and giving false assurance to people being oblivious of these details. The attack was first discovered on 30th May, and investigations revealed that the stolen documents were of sensitive nature.

The town set up a task force of experts to handle the unfortunate breach to ensure [protection against phishing](/). The exposed details are likely to include the names, DOBs, addresses, residency permits (non-Swiss residents), and social security numbers.

### Ransomware Hits Eskenazi Health

_Indianapolis-based health system Eskenazi Health recently underwent a ransomware attack_. The hospital confirmed the incident and said that the adversaries stole patient data before **encrypting their systems** on 4th August. This eventually led to an electronic health record (EHR) downtime, and their IT team had to take quick actions to contain the attack’s spread. The breach impacted all [Eskenazi Health care sites](https://www.scmagazine.com/analysis/breach/eskenazi-health-confirms-patient-data-stolen-prior-to-ransomware-ehr-downtime).

However, the attack hasn’t affected any patient care facilities or vaccination efforts, thanks to the hospital’s [anti-phishing solutions](/products/advanced-threat-defense/) adopted after previous attacks. However, the local Marion County Public Health Department was affected as it was temporarily unable to issue death and birth certificates.

Investigations into the breach revealed that the _adversaries put up some of the data stolen from the hospital on the dark web_. This data is now being analyzed to see if it contains any personal employee or patient data. The healthcare provider will notify affected individuals based on the results of this analysis. The hospital has made it very clear that they do not intend to comply with any **ransom demands**. As Eskenazi Health continues its investigations with the FBI, all other essential services are being taken care of. _Patients are to stay cautious and look out for suspicious messages_.

### Data Breach At Atlanta Allergy & Asthma (AAA)

A renowned name in allergy treatment, Atlanta Allergy & Asthma (AAA), _recently underwent a data breach that exposed the health information of **9,800 patients**_. The [compromised information](https://portswigger.net/daily-swig/breach-at-deep-south-allergy-clinic-group-exposed-the-health-info-of-estimated-9-800-patients) includes the full names, social security numbers, DOBs, treatment information, costs, financial details, provider names, treatment location, health insurance numbers, etc.

Soon after discovering the attack, AAA adopted measures for [protection from phishin](/)g. It hired an external cyber security organization to investigate the breach, which could not find any evidence of the stolen data being for identity fraud or any other scam.

![Phishing protection](https://media.mailhop.org/phishprotection/images/2021/09/phishing-protection-4367.jpg) 

\_The AAA attack took place in early January and was detected in Marc\_h. However, in July, the affected patients were notified of the breach and asked for credit monitoring services. The data stolen from AAA (1.3 GB of data containing 597 PHI files) was posted on the dark web by the Nefilim ransomware gang. _The hospital is now being accused of ignoring the protocol of giving early warnings to the victims_. Further updates on the case are awaited.

### Cyberattack Hits Boston Public Library (BPL)

_A cyberattack recently targeted the Boston Public Library_ (BPL), which led to a system-wide technical outage. With **over 4 million** annual visitors, BPL has quite a reader base across 25 branches. The [attack took place](https://www.bleepingcomputer.com/news/security/boston-public-library-discloses-cyberattack-system-wide-technical-outage/) on 25th August and has brought down some of its online services requiring logins. Soon after the attack, all public printing services, online resources, and public computers became un-operational.

To contain the spread of the attack, BPL brought the remaining systems offline as well. They were said to have taken proactive [anti-phishing protection](/) measures and launched an investigation. Law enforcement was informed as well, and so far, there is no evidence of any employee or patron data being stolen from the systems.

_The IT team of BPL is striving to restore services as soon as possible_. It has apologized for the unfortunate system outage and thanks patrons for their patience and trust.

### Protect Your Organization

- [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/)
- [See how Phish Protection blocks threats in real time](/anti-phishing-tools/)

## Topics

[ Announcements ](/tags/announcements/) 

![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Protect your inbox from phishing attacks

Real-time email security with 60-day free trial. No credit card required.

[Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) 

## Related Articles

[  Intermediate 5m  Cybersecurity Updates For The Week 33 of 2022  Aug 22, 2022 ](/blog/cyber-security-news-update-week-33-2022/)[  Intermediate 6m  Cybersecurity Updates For The Week 41 of 2022  Oct 21, 2022 ](/blog/cybersecurity-news-21-oct-2022/)[  Intermediate 5m  Cybersecurity Updates For The Week 1 of 2021  Jan 1, 2021 ](/blog/cybersecurity-updates-for-the-week-1-of-2021/)[  Intermediate 6m  Cybersecurity Updates For The Week 1 of 2022  Jan 7, 2022 ](/blog/cybersecurity-updates-for-the-week-1-of-2022/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cybersecurity Updates For The Week 36 of 2021","description":"Cybersecurity Updates For The Week 36 of 2021: Ransomware and phishing scams together account for a majority of the cyberattacks that happen every year .","url":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-36-of-2021/","datePublished":"2021-09-04T18:47:12.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2021-09-04T18:47:12.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-36-of-2021/"},"articleSection":"intermediate","keywords":"Announcements","wordCount":1280,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2021/09/phishing-attack-prevention-0374.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Cybersecurity Updates For The Week 36 of 2021","item":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-36-of-2021/"}]}
```