---
title: "Cybersecurity Updates For The Week 4 of 2022 | Phish Protection"
description: "Phishing attack prevention can never be an absolute target; there will always be the presence of notorious threat actors in the cyberworld."
image: "https://phishprotection.com/og/blog/cybersecurity-updates-for-the-week-4-of-2022.png"
canonical: "https://phishprotection.com/blog/cybersecurity-updates-for-the-week-4-of-2022/"
---

Quick Answer

\[Phishing attack prevention\](/content/phishing-prevention/) can never be an absolute target; there will always be the presence of notorious threat actors in the cyberworld. Hence, one must focus on learning to live in coexistence without letting the adversaries get their hands on confidential information. To this end, here are the \[major hacks and cyberattacks\](/tags/announcements/) this week.

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-4-of-2022%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cybersecurity%20Updates%20For%20The%20Week%204%20of%202022&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-4-of-2022%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-4-of-2022%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-4-of-2022%2F&title=Cybersecurity%20Updates%20For%20The%20Week%204%20of%202022 "Share on Reddit") [ ](mailto:?subject=Cybersecurity%20Updates%20For%20The%20Week%204%20of%202022&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-4-of-2022%2F "Share via Email") 

![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2022/01/how-to-prevent-phishing-7425.jpg) 

[Phishing attack prevention](/content/phishing-prevention/) can never be an absolute target; there will always be the presence of notorious threat actors in the cyberworld. Hence, one must focus on learning to live in coexistence without letting the adversaries get their hands on confidential information. To this end, here are the [major hacks and cyberattacks](/tags/announcements/) this week.

### Data Breach Hits ShopGoodwill.com

The e-commerce auction platform, _ShopGoodwill.com, owned by the American non-profit Goodwill, recently [underwent a data breach](https://www.bleepingcomputer.com/news/security/goodwill-discloses-data-breach-on-its-shopgoodwill-platform/) that compromised customer accounts_. As part of its [phishing prevention](/) measures, ShopGoodwill Vice President, Ryan Smith sent out breach notifications to customers citing that some of their personal contact details may have been affected as part of the breach. Fortunately, _the incident did not affect customers’ payment card details and only leaked buyer contact information_.

ShopGoodwill has now **fixed the vulnerability** causing the breach and apologized to all customers for the inconvenience caused. Investigations into the breach continue, and customers with queries on the same have been instructed to contact Goodwill via email.

### Data Breach Hits Aditya Birla Fashion

_A data breach recently hit Indian fashion brand, Aditya Birla Fashion_, where adversaries accessed one of its databases and made it public. The [initial reports revealed](https://www.cnbctv18.com/business/companies/aditya-birla-fashion-confirms-data-breach-but-says-no-sensitive-info-was-compromised-12163482.htm) that the incident affected some customer information (names, addresses, contact numbers, DOBs, credit card details, order histories, and passwords) and employee information (religion, salary details, and marital status).

![How to prevent phishing](https://media.mailhop.org/phishprotection/images/2022/01/how-to-prevent-phishing-7425.jpg) 

As part of its measures for [protection against phishing](/), the organization sent out breach notifications to all customers stating that **no financial data was leaked** and adversaries accessed only parts of their personally identifiable information (PII). Later, after detailed investigations, Aditya Birla Fashion once again addressed its customers on its portal and _assured them that the data breach did not leak their sensitive information_.

### The City of Tenino Loses $280,309 to Employee Approved Fraudulent Payments

While _fake payment requests from seemingly genuine organizations are a known phishing scam_, few people take **preventive measures** to handle such scams. An example of this is the City of Tenino, where its former Clerk-Treasurer John Millard caused a **loss of $280,309** to the city. Between 19th March 2020 and 4th May 2020, Millard approved 20 automated clearing house payments from the city’s bank account to many out-of-state bank accounts. _He did not verify the authenticity of the emails requesting payment or seek the city’s approval before releasing the payment_. It is yet to be established if Millard had any vested interests in this, but he resigned in December last year and moved out of state soon after.

Interestingly, Millard was not the only one to receive these [phishing emails](/blog/sophisticated-new-tactic-makes-phishing-emails-harder-to-detect/), several other [state employees received them](https://www.govtech.com/security/washington-city-loses-280-309-to-successful-phishing-scam), but the recipients either ignored the emails or reported them, which prevented any damage, but Millard took things into his own hands, and the repercussions had to be borne by the state. Millard exhibited this negligence of [anti-phishing solutions](/content/anti-phishing/) despite receiving training in cybercrimes when he served the U.S. military.

He doubted the payment on 5th May 2020 when a Texas-based bank approached him, saying that someone had come to withdraw funds from an account that received an ACH payment and then tried to close the account. When Millard approached the professional association regarding the same, they seemed **unaware of such a transaction**. This is _when Millard saw the red flag and informed the Mayor of Tenino city about the loss of funds to the scam_.

Washington State Patrol undertook the initial investigations and then forwarded the case to the Federal Bureau of Investigation. The Tenino Auditor’s office claims that the scam was a success because Millard was the sole person in charge of all the city’s bank accounts and needed no monitoring to initiate electronic transfers. _The city of Tenino has adopted preventive measures ever since and secured its wire transfer and ACH transaction process with dual control._ In addition, it has hired a Lacey-based IT organization called Right! Systems Inc., to help secure its systems and network.

### Cyberattack Targets OpenSubtitles

Popular website providing free movie subtitles _OpenSubtitles underwent a ransomware attack in August last year and paid a ransom to recover its files_, but unfortunately, the adversaries have [leaked its data now.](https://therecord.media/opensubtitles-discloses-successful-extortion-attempt-data-breach/) _The data breach came to the surface after a copy of the leaked files was listed by Have I Been Pawnd recently._ Data belonging to **over 6 million** registered OpenSubtitles users was compromised in the incident. The exposed user information includes users’ usernames, email addresses, and MD5 password hashes.

In its defense, OpenSubtitles states that its site dates back to 2006\. This is why all its passwords were stored in MD5() hashes without salt until now. This made it very easy to break passwords. As part of its [anti-phishing protection](/) measures, OpenSubtitles has updated its code and recommends users change their passwords at the earliest as a precaution. Fortunately, no payment card information was compromised because of the breach.

_OpenSubtitles mentioned that the breach was caused because of the unhealthy password habits of an admin_. It noted that the adversaries approached OpenSubtitles on Telegram in August 2021, giving evidence of their access to its network. _The threat actor promised to delete the stolen data when OpenSubtitles paid the BTC ransom_. Despite the ransom amount being too high, the organization complied, hoping that customer data would be safe, but we all know what truth lies in attackers’ promises!

### AlphV/BlackCat Ransomware Targets Moncler

_The AlphV/BlackCat ransomware attacked the Italian luxury fashion giant, Moncler_ in the final week of December 2021 and [stole some of its files](https://www.bleepingcomputer.com/news/security/fashion-giant-moncler-confirms-data-breach-after-ransomware-attack/). While informing people of the breach, Moncler had said that the attack would lead to nothing beyond a temporary outage. Moncler had taken necessary measures to [prevent phishing attacks](/content/phishing-prevention/prevent-phishing/) and restored its logistic systems ten days after the attack.

_A month later, the ransomware operators published the stolen files on the dark web_. The compromised information includes details belonging to Moncler’s customers, current and former employees, consultants, suppliers, and business partners. Reportedly, _the data breach was caused because Moncler refused to pay the demanded ransom_. Fortunately, customers’ financial data remains unaffected by this incident. In its statement, Moncler stated with conviction that anybody found distributing the **stolen data** further would be penalized. Moncler is one of the first victims of the new RaaS actor ALPHV (**BlackCat**). Moncler has informed the Italian Data Protection Authority and the enterprise stakeholders to minimize the attack’s impact.

### Unauthorized Withdrawals Distress Crypto.com Users

_Around 483 Crypto.com users recently saw the unauthorized withdrawal of cryptocurrency from their accounts_, something that Crypto.com has been hinting at since last week. The official statement informing of the incident was released shortly after. The platform has disabled the option allowing users to withdraw funds to ensure [protection from phishing](/) attacks. While in most cases, Crypto.com could prevent the threat actors from making [unauthorized withdrawals](https://www.zdnet.com/article/crypto-com-confirms-483-users-hit-in-attack-that-saw-over-31m-in-coins-withdrawn/), customer funds were reimbursed at the platform’s expense for all the rest of the cases.

![What is spear phishing](https://media.mailhop.org/phishprotection/images/2022/01/what-is-spear-phishing-7321.jpg) 

The illegal withdrawals totaled 443.93 BTC, 4,836.26 ETH, and around US$66,200 in other cryptocurrencies. This amounted to **nearly $31 million** in regular currency. _The incident was detected when Crypto.com saw withdrawals happening without any role of the 2FA in place_. The platform immediately revoked all 2FA tokens and implemented its incident-response measures. The entire episode **caused a downtime** of around 14 hours. Crypto.com’s **robust cybersecurity** measures also shifted to an entirely new 2FA infrastructure.

### Cyberattack Hits the International Committee of the Red Cross

A sophisticated [cyber-attack recently](https://www.zdnet.com/article/red-cross-hit-with-cyberattack-that-compromised-data-of-515000-highly-vulnerable-people/) hit the International Committee of the Red Cross (ICRC) and compromised the personal data of **over 515,000 people.** The attack targeted servers hosting highly sensitive information belonging to people separated from their families due to migration, conflict, disaster, detention, etc. _The breach affected more than 60 Red Cross and Red Crescent National Societies across the globe_. The attack did not directly target the ICRC servers but targeted its third-party data storage provider based in Sweden.

In its statement, the ICRC does not call this a **ransomware attack** as the attack did not shut the systems down. ICRC brought down its systems, particularly the “Restoring Family Links” program, as part of its [anti-phishing](/) measures. So far, there is no evidence to prove that the confidential data people shared with ICRC was compromised, and neither has any threat actor come up and taken ownership of the attack.

### Protect Your Organization

- [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/)
- [See how Phish Protection blocks threats in real time](/anti-phishing-tools/)

## Topics

[ Announcements ](/tags/announcements/) 

![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Protect your inbox from phishing attacks

Real-time email security with 60-day free trial. No credit card required.

[Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) 

## Related Articles

[  Intermediate 5m  Cybersecurity Updates For The Week 33 of 2022  Aug 22, 2022 ](/blog/cyber-security-news-update-week-33-2022/)[  Intermediate 6m  Cybersecurity Updates For The Week 41 of 2022  Oct 21, 2022 ](/blog/cybersecurity-news-21-oct-2022/)[  Intermediate 5m  Cybersecurity Updates For The Week 1 of 2021  Jan 1, 2021 ](/blog/cybersecurity-updates-for-the-week-1-of-2021/)[  Intermediate 6m  Cybersecurity Updates For The Week 1 of 2022  Jan 7, 2022 ](/blog/cybersecurity-updates-for-the-week-1-of-2022/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cybersecurity Updates For The Week 4 of 2022","description":"Phishing attack prevention can never be an absolute target; there will always be the presence of notorious threat actors in the cyberworld.","url":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-4-of-2022/","datePublished":"2022-01-27T09:45:12.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2022-01-27T09:45:12.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-4-of-2022/"},"articleSection":"intermediate","keywords":"Announcements","wordCount":1400,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2022/01/how-to-prevent-phishing-7425.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Cybersecurity Updates For The Week 4 of 2022","item":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-4-of-2022/"}]}
```