---
title: "Cybersecurity Updates For The Week 38 of 2021 | Phish Protection"
description: "Cybersecurity Updates For The Week 38 of 2021: Threat actors continue with their nefarious activities to target organizations around the world . The."
image: "https://phishprotection.com/og/blog/cybersecurity-updates-for-the-week-38-of-2021.png"
canonical: "https://phishprotection.com/blog/cybersecurity-updates-for-the-week-38-of-2021/"
---

Quick Answer

The Pacific City Bank is a leading American bank providing commercial banking services to Korean-Americans based in California. \_The Bank recently underwent a ransomware attack\_, and the AVOS Locker Ransomware gang was \[behind the attack\](https://securityaffairs.co/wordpress/121872/cyber-crime/pacific-city-bank-avos-locker-ransomware.html). Several sensitive files were stolen from the organization's servers, and threat actors warn of leaking them.

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-38-of-2021%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cybersecurity%20Updates%20For%20The%20Week%2038%20of%202021&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-38-of-2021%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-38-of-2021%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-38-of-2021%2F&title=Cybersecurity%20Updates%20For%20The%20Week%2038%20of%202021 "Share on Reddit") [ ](mailto:?subject=Cybersecurity%20Updates%20For%20The%20Week%2038%20of%202021&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-38-of-2021%2F "Share via Email") 

![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2021/09/anti-phishing-software-4563.jpg) 

_Threat actors continue with their nefarious activities to target organizations around the world_. The following news headlines highlight the major [phishing attacks](/blog/rise-in-online-payments-given-rise-in-phishing-attacks/) in the past week and the **mitigation measures** adopted by concerned authorities.

### AVOS Locker Ransomware Attacks Pacific City Bank

The Pacific City Bank is a leading American bank providing commercial banking services to Korean-Americans based in California. _The Bank recently underwent a ransomware attack_, and the AVOS Locker Ransomware gang was [behind the attack](https://securityaffairs.co/wordpress/121872/cyber-crime/pacific-city-bank-avos-locker-ransomware.html). Several sensitive files were stolen from the organization’s servers, and threat actors warn of leaking them.

![Anti phishing software](https://media.mailhop.org/phishprotection/images/2021/09/anti-phishing-software-4563.jpg) 

AVOS Locker added the Pacific City Bank to its data leak site and uploaded a ZIP folder containing some screenshots of data stolen as proof. In the message posted on the data leak site, the adversaries say that Pacific City provides outstanding financial services but has terrible [phishing protection](/) measures. _The attackers have threatened to leak the data stolen if the Pacific City Bank does not come forward for negotiation_.

### Further Details on The Accellion-Linked Beaumont Health Breach

_Nine months after the Accellion data breach, a victim was detected_. Beaumont Health is a healthcare service that uses Accellion’s services. An unnamed adversary had exploited [zero-day vulnerabilities](/content/zero-day-attacks/) in Accellion’s File Transfer Application to [compromise files](https://www.infosecurity-magazine.com/news/accellion-breach-beaumont-health/) belonging to Beaumont. Around **1500 patients** of the healthcare facility have been affected by the incident.

However, in this case, the primary attack point was the legal services provider Goodwin Procter LLP, as it used Accellion’s software to transfer large files.

Beaumont Health released a breach notification on 27th August where it mentioned that _approximately 1500 patients were affected_. The compromised details include the patient’s name, medical record number, procedure name, date of service, physician’s name, etc. The breach notification also mentions the [phishing prevention best practices](/resources/phishing-prevention-best-practices/) that the victims must use. It also specifies that _there is no evidence to prove the misuse of any of the compromised data_.

### Data Leak at France-Visas Website

_The data collection section of the France-Visas website was [recently breached](https://www.connexionfrance.com/French-news/Personal-details-of-8-700-French-visa-applicants-exposed-by-hackers)_, resulting in the compromise of sensitive data belonging to **around 8,700 Visa applicants**. The targeted section of the website receives approximately 1.5 million applications every month. It is managed by the Ministry of the Interior and the Ministry of Foreign Affairs.

_The ministries assured that corrective measures were adopted immediately after detecting unauthorized access_. But despite the [phishing prevention](/) measures, the adversaries could steal users’ details such as their names, nationalities, DOBs, passport, identity card numbers, etc. The Ministry of Foreign Affairs was reluctant to reveal much about the attack but said that not all victims had these mentioned details compromised.

The good thing is no financial data was involved and using the compromised data, no fraudulent administrative processes can be initiated. All people whose details were affected will receive data breach notifications containing [phishing prevention tips](/content/phishing-prevention/). Both the governing ministries have adopted measures to ensure that such an attack does not happen again.

### Two Million Moroccans’ Details Compromised

_An unidentified threat actor scrapped the personal details of two million Moroccans off LinkedIn just ahead of Morocco’s elections_, and citizens are worried about this breach of their privacy. The [details compromised](https://www.moroccoworldnews.com/2021/09/344304/personal-data-of-2-million-moroccans-leaked-online) by this cyber-snooping attack include the names, email addresses. Professions and employers’ names of **2 million Moroccan netizens**.

Taking on the name of Adolphe Hitler, the attacker has posted the stolen data in three free cloud spaces, and _this database had been circulating on the dark web for weeks_. The same adversary has **stolen 2,181** student resumes from the Mohammed V University of Rabat (between the years 2013 and 2020). _How the malicious actor could access university students’ details is still a mystery_. Moroccan citizens must watch out for suspicious job opportunities and adopt **anti-phishing measures** at the earliest.

![Phishing protection software](https://media.mailhop.org/phishprotection/images/2021/09/phishing-protection-software-4150.jpg) 

### Data Breach at NRS-Owned Dotty Fast Food Chain

_Dotty, a popular US fast food and gambling services chain owned by Nevada Restaurant Services (NRS), recently underwent a data breach_. Consequently, the personal details of customers across Dotty’s **175 locations** [were compromised](https://portswigger.net/daily-swig/data-breach-at-us-restaurant-and-gambling-chain-dottys-may-have-leaked-sensitive-customer-information). As per the statements of NRS, the adversaries used malware to [access Dotty’s computer systems](https://www.prnewswire.com/news-releases/nevada-restaurant-services-inc-provides-notice-of-data-privacy-event-301369180.html). The malware was discovered on 16th January when the attacker was found accessing and stealing customer data. The compromised details include the customers’ names, social security numbers, DOBs, passport numbers, driver’s license numbers, financial account numbers, credit card numbers, taxpayer-identification numbers, biometric data, [health insurance](https://portswigger.net/daily-swig/healthcare) details, medical records, and treatment information.

_NRS has not revealed the exact number of people affected by the breach_, but it sent individual breach notifications to all victims. It urges customers to take [anti-phishing protection](/) measures and check the press release for more details. NRS has taken the necessary steps for protection against cyber attacks and launched an investigation to get to the roots of the attack.

### Ransomware Hits City of Bridgeport

Attacks on city governments are a common sight these days and the latest city to be targeted by a [ransomware attack is Bridgeport](https://wajr.com/bridgeport-city-government-hacked-residents-put-on-notice/). _The residents of Bridgeport have been informed of the incident via a five-page letter._ The attack took place in late May 2021 where the adversaries encrypted the IT systems of the city and refused to let go until a ransom was paid.

The notification goes on to say that the issue had now been resolved and all resident operations restored. The FBI Cyber Crimes Division was also notified of the attack, and the investigations revealed that _the adversaries were able to access specific files stored on the city’s systems_. The compromised information might have included residents’ dates of birth, social security numbers, driver’s license numbers, addresses, and other information they might have used to create city accounts. As a measure to ensure [protection from phishing](/), Bridgeport residents have until 31st December 2021 to apply for a year of complimentary [identity theft protection](/resources/phishing-identity-theft/) and credit monitoring.

### Cyberattack Hits Bangkok’s Bhumirajanagarindra Kidney Institute Hospital

In a recent cyberattack, the personal details of **over 40,000 patients** from Bangkok’s Bhumirajanagarindra Kidney Institute Hospital [were compromised](https://www.bangkokpost.com/thailand/general/2178503/hacker-steals-40-000-patients-data-from-kidney-hospital). Dr. Thirachai Chantharotsiri, the hospital director, informed of the breach, saying that staff at _the hospital in the Ratchathewi district were unable to access the patient database from their systems_ which led them to initiate an investigation. The system check revealed the adversaries had stolen patient information and treatment history from the hospital’s servers.

The hospital later received a call from an English-speaking man claiming to have hacked the hospital system. He said he would keep in touch till the ransom payment procedure was complete. The hospital took measures to [prevent phishing](/) attacks and informed the Phaya Thai police. Although the hospital had an active backup system, some of the data were still lost, which caused a delay in certain services. _Tech experts are now trying to recover this lost data_.

### Cyberattack Hits The United Nations

_The adversaries have made their way into the computer network of the United Nations by using the stolen login credentials of a UN employee_. The attackers took over the employee’s Umoja account by obtaining the credentials from a [data leak website](https://thehackernews.com/2021/09/hackers-leak-vpn-account-passwords-from.html) on the dark web. Umoja is the UN’s enterprise resource planning system implemented in 2015.

The adversaries’ objective was to gain access to more UN employee accounts that facilitate long-term intelligence gathering. The breach first happened on 5th April 2021 and continued till 7th August. _The adversaries were more interested in data collection_ and had not damaged the UN’s computer network.

The UN believes that the malicious actors only took screenshots of the compromised network, but _security experts think that the data was stolen_. The UN doesn’t seem to be worried about the intrusion as it is frequently subjected to such attacks. It has adopted corrective measures for [protection against phishing](/) attacks.

### Protect Your Organization

- [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/)
- [See how Phish Protection blocks threats in real time](/anti-phishing-tools/)

## Topics

[ Announcements ](/tags/announcements/) 

![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Protect your inbox from phishing attacks

Real-time email security with 60-day free trial. No credit card required.

[Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) 

## Related Articles

[  Intermediate 5m  Cybersecurity Updates For The Week 33 of 2022  Aug 22, 2022 ](/blog/cyber-security-news-update-week-33-2022/)[  Intermediate 6m  Cybersecurity Updates For The Week 41 of 2022  Oct 21, 2022 ](/blog/cybersecurity-news-21-oct-2022/)[  Intermediate 5m  Cybersecurity Updates For The Week 1 of 2021  Jan 1, 2021 ](/blog/cybersecurity-updates-for-the-week-1-of-2021/)[  Intermediate 6m  Cybersecurity Updates For The Week 1 of 2022  Jan 7, 2022 ](/blog/cybersecurity-updates-for-the-week-1-of-2022/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cybersecurity Updates For The Week 38 of 2021","description":"Cybersecurity Updates For The Week 38 of 2021: Threat actors continue with their nefarious activities to target organizations around the world . The.","url":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-38-of-2021/","datePublished":"2021-09-17T11:22:29.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2021-09-17T11:22:29.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-38-of-2021/"},"articleSection":"intermediate","keywords":"Announcements","wordCount":1299,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2021/09/anti-phishing-software-4563.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Cybersecurity Updates For The Week 38 of 2021","item":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-38-of-2021/"}]}
```