---
title: "Cybersecurity Updates For The Week 39 of 2021 | Phish Protection"
description: "Cybersecurity Updates For The Week 39 of 2021: Phishing is a recurrent problem in the cyber world, and if you are connected to the internet, then chances are."
image: "https://phishprotection.com/og/blog/cybersecurity-updates-for-the-week-39-of-2021.png"
canonical: "https://phishprotection.com/blog/cybersecurity-updates-for-the-week-39-of-2021/"
---

Quick Answer

Phishing is a recurrent problem in the cyber world, and \_if you are connected to the internet, then chances are you have witnessed or undergone some form of a \*\*phishing attack\*\*\_; whether you fell for it or thwarted it is another story. Here are the \[phishing headlines\](/tags/announcements/) in the spotlight this week to help you plan your \[phishing prevention\](/) strategies and maintain robust cyber hygiene:

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-39-of-2021%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cybersecurity%20Updates%20For%20The%20Week%2039%20of%202021&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-39-of-2021%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-39-of-2021%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-39-of-2021%2F&title=Cybersecurity%20Updates%20For%20The%20Week%2039%20of%202021 "Share on Reddit") [ ](mailto:?subject=Cybersecurity%20Updates%20For%20The%20Week%2039%20of%202021&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-39-of-2021%2F "Share via Email") 

![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2021/09/zero-day-attack-prevention-4025.jpg) 

Phishing is a recurrent problem in the cyber world, and _if you are connected to the internet, then chances are you have witnessed or undergone some form of a **phishing attack**_; whether you fell for it or thwarted it is another story. Here are the [phishing headlines](/tags/announcements/) in the spotlight this week to help you plan your [phishing prevention](/) strategies and maintain robust cyber hygiene:

### Data Breach Hits Texas Cancer Centres

_The Austin (Texas) Cancer Centers recently notified the Maine attorney general’s office of a data breach_ that [brought down its IT systems](https://www.beckershospitalreview.com/cybersecurity/cyberattack-leads-to-it-outage-at-texas-cancer-clinics-exposing-36-000.html) and affected the **data of 36,503 patients**. The malware deployed by adversaries was first discovered on 4th August 2021 and revealed to the public on 27th August. Soon after the attack disclosure, the cancer centers shut down their IT network as a [phishing attack prevention](/products/advanced-threat-defense/) measure.

The investigations into the breach suggested that the adversaries got into the network of the Austin Cancer Centres on 21st July 2021, a fortnight before the unauthorized access was finally detected and removed. Maine’s attorney general’s office was informed about the **security incident** only recently.

The cancer centers were working offline in the interim. Whether it was a [ransomware attack](/resources/ransomware-attack-why-organizations-pay-ransom/) remains to be disclosed. The compromised patient information includes their names, DOBs, social security numbers, addresses, credit card details, and health information. Affected patients can avail the free fraud insurance and credit monitoring service that Austin Cancer Centers are providing.

### COVID-Test Results Leaked From French Hospitals in Paris

_French hospitals were breached in the Paris region, which compromised the COVID-19 test results, medical data, and PII_ (Personally Identified Information) of **over 1.4 million people**. These details are from the middle of 2020\. The Paris prosecutor’s office was informed on 12th September. The [compromised information](https://www.securityweek.com/mass-personal-data-theft-paris-covid-tests-hospitals) included the contact details, health information, test results, and social security numbers. Fortunately, no other health information was exposed.

![Zero day attack prevention](https://media.mailhop.org/phishprotection/images/2021/09/zero-day-attack-prevention-4025.jpg) 

The hospitals will eventually notify all affected individuals of the breach. The French watchdog CNIL investigated the breach and found that _the adversaries were not looking for the national testing files_. They were more interested in the contact tracing information available on a secure file sharing service used by the hospitals for storing COVID-tests-related data. The health ministry is bent on taking this matter to the next level so that no [anti-phishing measures](/blog/ransomware-hits-reason-why-businesses-need-to-adopt-robust-anti-phishing-measures/) get overlooked or overruled in the future.

### Ransomware Attacks on The US Hospitals

_California-based LifeLong Medical Care and Arizona-based Desert Wells Family Medicine recently underwent ransomware attacks_ and are now sending out [breach notifications](https://www.zdnet.com/article/healthcare-orgs-in-california-arizona-send-out-breach-notice-letters-for-nearly-150000-after-ssns-accessed-during-ransomware-attacks/) to affected individuals.

**Over 115,000 people** were affected by the attack on LifeLong Medical, which took place on 24th November 2020\. Although the breach notification does not mention which ransomware gang is behind the attack, it is known that LifeLong Medical’s third-party service provider Netgain first discovered the attack. _The healthcare provider took six months to finish investigating the incident_. It was found that the names, DOBs, social security numbers, treatment information, cardholder numbers, etc., of patients were compromised in the attack. As part of its measures for [protection against phishing](/) attacks, LifeLong Medical Care urges victims to avail its free fraud alert and credit monitoring services.

Similarly, in the ransomware attack on Desert Wells Family Medicine, _35,000 people were affected_. The attack was discovered on 21st May, but the malware was probably deployed before that. The hospital immediately informed law enforcement and hired an external incident response team to recover the corrupted patient health records. The compromised information includes patients’ account numbers, DOBs, social security numbers, driver’s license numbers, medical records, social security numbers, etc.

### Ransomware Hits South Africa’s DOJCD

_The South African Department of Justice and Constitutional Development was recently hit by a ransomware attack_ that [affected many of its services](https://securityaffairs.co/wordpress/122128/cyber-crime/department-of-justice-and-constitutional-development-of-south-africa-ransomware.html), including bail and email services. The department has reassured people that it takes cybersecurity very seriously and would do everything in its power to ensure [phishing attack prevention](/) in the future.

In this attack, the adversaries could not exfiltrate any data, and the child maintenance payments remained unaffected as the payments were already processed. The attack took place on 6th September and brought down all information systems. Law enforcement was immediately brought on a loop, and the department has _adopted measures to prevent further phishing attacks_. The ransomware gang responsible for the attack remains unnamed.

### Ransomware Hits Medical Technology Organization Olympus

With a century-old history of working in medical technology, _Olympus is a known name that recently underwent a cyber attack_. Its IT systems in Europe, Africa, and the Middle East were affected in the attack on 8th September 2021.

![Office 365 email protection](https://media.mailhop.org/phishprotection/images/2021/09/office-365-email-protection-0423.jpg) 

Soon after [detecting the attack](https://www.bleepingcomputer.com/news/security/blackmatter-ransomware-hits-medical-technology-giant-olympus/), Olympus deployed its incident response team and forensics experts to investigate the breach and restore systems. All data transfers have been restricted to affected systems. Fortunately, _no customer data was involved in the incident_. While Olympus has not disclosed the name of the ransomware operators responsible for the attack, evidence points towards the BlackMatter gang (a new malware gang believed to be the successor of DarkSide). Olympus is taking all necessary[ anti-phishing protection](/) measures to restore its systems at the earliest.

### GetHealth Leaves Database Unprotected Online

_New York-based wearable technology enterprise GetHealth recently left an unprotected database_ [publicly available online](https://www.zdnet.com/article/over-60-million-records-exposed-in-wearable-fitness-tracking-data-breach-via-unsecured-database/), which affected **over 61 million records**. These records include the names, weight, gender, height, DOB, and GPS details of users of its apps, wearables, and medical devices. The security incident was first spotted on 30th June 2021 and was found to be primarily affecting Apple and Fitbit’s HealthKit users.

_The leaked database was about **16.71 GB in size**_, but fortunately, the organization quickly rectified its error and resolved the issue almost immediately after being notified. The exact amount of time till when the attackers had access to this database is hard to tell, but GetHealth is working proactively to ensure [protection from phishing](/blog/protection-from-phishing-a-growing-threat-in-todays-information-age/) in the future.

### Ransomware Hits Digital Painting Platform Krita

Unlike usual [ransomware attacks](/resources/how-to-deal-with-ransomware-attacks/), this time, the adversaries have not directly targeted the organization Krita but have used its name to distribute malware among users. The **phishing email** seemed quite usual as it asked recipients to download the (fake) [Krita app](https://www.theregister.com/2021/09/14/krita%5Fusers%5Ftargeted%5Fby%5Fransomware/) by going to a link and mentioning the app on a YouTube video. The email promised good money to these promoters based on their online popularity and number of YouTube subscribers.

Those falling for _this email end up downloading a corrupt application hosting a ransomware dropper_ which takes over their systems, encrypts files and demands a ransom to undo everything. _The emails come from legitimate-looking domains, which make them all the more credulous_. The email recipients have been urged to adopt the [phishing prevention best practices](/resources/phishing-prevention-best-practices/) and delete all emails that do not come from Krita’s official handles krita.org and krita-artists.org. First spotted about a month ago, these Krita ransomware attacks persist, with the last recorded attack on 11th September. However, after the user reports, some fake sites have stopped responding, which means that at least one or more fake handles have been terminated so far.

### Ragnar Locker Attacks TTEC

\_Provider of customer support and sales management services, TTEC is struggling to survive a system outage caused by a recent ransomware attac\_k. The [attack was uncovered](https://krebsonsecurity.com/2021/09/customer-care-giant-ttec-hit-by-ransomware/) on 14th September when an insider leaked a [phishing alert](/tags/announcements/) email circulated among TTEC employees. In this email to employees, TTEC specifies that it underwent the attack on 12th September and suspects Ragnar Locker is responsible for it. _The email urged employees to refrain from clicking on any message in their Windows start menu that reads: ”!RA!G!N!A!R!”_

The severity of the attack remains undisclosed, but TTEC is trying hard to contain the attack and restore systems. An investigation has been launched, and TTEC has confirmed that no customer data was affected in the breach. The enterprise is working on restoring systems and shall be back with strengthened [phishing protection](/blog/how-to-achieve-the-best-phishing-protection/) strategies.

### Protect Your Organization

- [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/)
- [See how Phish Protection blocks threats in real time](/anti-phishing-tools/)

## Topics

[ Announcements ](/tags/announcements/) 

![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Protect your inbox from phishing attacks

Real-time email security with 60-day free trial. No credit card required.

[Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) 

## Related Articles

[  Intermediate 5m  Cybersecurity Updates For The Week 33 of 2022  Aug 22, 2022 ](/blog/cyber-security-news-update-week-33-2022/)[  Intermediate 6m  Cybersecurity Updates For The Week 41 of 2022  Oct 21, 2022 ](/blog/cybersecurity-news-21-oct-2022/)[  Intermediate 5m  Cybersecurity Updates For The Week 1 of 2021  Jan 1, 2021 ](/blog/cybersecurity-updates-for-the-week-1-of-2021/)[  Intermediate 6m  Cybersecurity Updates For The Week 1 of 2022  Jan 7, 2022 ](/blog/cybersecurity-updates-for-the-week-1-of-2022/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cybersecurity Updates For The Week 39 of 2021","description":"Cybersecurity Updates For The Week 39 of 2021: Phishing is a recurrent problem in the cyber world, and if you are connected to the internet, then chances are.","url":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-39-of-2021/","datePublished":"2021-09-24T10:26:39.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2021-09-24T10:26:39.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-39-of-2021/"},"articleSection":"intermediate","keywords":"Announcements","wordCount":1326,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2021/09/zero-day-attack-prevention-4025.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Cybersecurity Updates For The Week 39 of 2021","item":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-39-of-2021/"}]}
```