--- title: "Cybersecurity Updates For The Week 47 of 2020 | Phish Protection" description: "Security experts insist on employing phishing prevention best practices as countless phishing attacks are launched by cyber adversaries every day." image: "https://phishprotection.com/og/blog/cybersecurity-updates-for-the-week-47-of-2020.png" canonical: "https://phishprotection.com/blog/cybersecurity-updates-for-the-week-47-of-2020/" --- Quick Answer Security experts insist on employing \[phishing prevention best practices\](/phishing-protection-best-practices-guide/) as \_countless phishing attacks are launched by cyber adversaries every day\_. Lack of preparedness among unsuspecting users is what makes hacker groups more confident in launching more and more cyber attacks. Hence, here are the top data breaches from the bygone week to help you make smarter choices when it comes to avoiding \*\*phishing campaigns\*\* and other such attacks. Share [ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-47-of-2020%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cybersecurity%20Updates%20For%20The%20Week%2047%20of%202020&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-47-of-2020%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-47-of-2020%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-47-of-2020%2F&title=Cybersecurity%20Updates%20For%20The%20Week%2047%20of%202020 "Share on Reddit") [ ](mailto:?subject=Cybersecurity%20Updates%20For%20The%20Week%2047%20of%202020&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-47-of-2020%2F "Share via Email") ![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2020/11/what-is-phishing-4236.jpg) Security experts insist on employing [phishing prevention best practices](/phishing-protection-best-practices-guide/) as _countless phishing attacks are launched by cyber adversaries every day_. Lack of preparedness among unsuspecting users is what makes hacker groups more confident in launching more and more cyber attacks. Hence, here are the top data breaches from the bygone week to help you make smarter choices when it comes to avoiding **phishing campaigns** and other such attacks. ### \*\*\*\* Luxottica Discloses Data Breach To Customers In September, _World’s largest eyewear company Luxottica underwent a Nefilim ransomware attack_ that compromised data belonging to its finance departments and personnel office. Now [Luxottica has disclosed](https://securityaffairs.co/wordpress/110565/data-breach/luxottica-lenscrafters-eyemed-data-breach.html?web%5Fview=true) another data breach that happened sometime in August. They discovered the **security breach** in their appointment scheduling application on 25th August, which compromised some patient information. The exposed information includes patients’ personally identifiable information (PII) and protected health information (PHI). In some cases, it also included the credit card numbers and social security numbers of patients. As part of its [phishing prevention](/) scheme, Luxottica has extended a free two-year identity monitoring service to victims. They also advise patients to adopt **anti-phishing measures** and watch out for suspicious activities in their accounts. ### \*\*\*\* Prestige Software Leaks Data Of Global Hotel Bookers Prestige Software is a firm assisting hotels to handle their bookings on top booking sites. However, researchers at [Website Planet](https://www.hackread.com/hotel-reservation-platform-data-leak-online-booking-sites/?web%5Fview=true) _recently discovered a misconfigured AWS S3 bucket belonging to Prestige Software_, which was left unprotected online. The resultant **data breach exposed** the sensitive information of millions of global customers of websites, including Agoda, Amadeus, Booking.com, Hotels.com, Expedia, Hotelbeds, Omnibees, and Sabre. _Experts believe that the database has been publicly available online at least since mid-July_; it was reported only in September. An estimated **24.4 GB of data**, with over 10 million files were compromised in this breach. Customers who traveled even in 2013 stand a chance of having their data exposed. The affected customer details include full names, email addresses, phone numbers, NIC numbers, hotel reservation number, date and duration of stay, credit card credentials, etc. While _Prestige Software should be ready to pay a huge penalty_, customers are advised to protect themselves from phishing by taking necessary security measures. ### \*\*\*\* Data Breach Hits Bigbasket The Alibaba Group and Mirae Asset-Naver Asia Growth Fund sponsored Indian e-grocery store [BigBasket recently underwent a data breach](https://gbhackers.com/bigbasket-data-leak/?web%5Fview=true), which has exposed the details of **over 20 million** of its users (a 15 GB SQL file). _The breach has been reported by researchers at Cyble_, who list the database contents to be the names, email IDs, hashed passwords, phone numbers, addresses, DOBs, location, IP addresses, etc. The breach probably happened on 14th October, but the customers were notified only on 7th November. ![What is phishing](https://media.mailhop.org/phishprotection/images/2020/11/what-is-phishing-4236.jpg) Shoppers who made purchases from BigBasket in the past are advised to take measures for [protection against phishing](/), change their passwords, and closely monitor their bank accounts for suspicious activities. ### \*\*\*\* Ransomware Hits Laptop Manufacturer Compal _The world’s second-largest laptop manufacturer Compal recently underwent a ransomware attack_. The [DoppelPaymer](https://www.zdnet.com/article/compal-the-second-largest-laptop-manufacturer-in-the-world-hit-by-ransomware/?&web%5Fview=true) ransomware gang is suspected to be the threat actor responsible. Although the attack has impacted only Compal’s internal computer network, work remained at a halt for the weekend. The employees were instructed by the IT department to back up unencrypted files on their system. However, Compal’s Deputy Manager Director Qingxiong Lu, has denied a **ransomware attack**. He only mentioned that the enterprise underwent a security breach and is facing internal abnormalities. Measures are now being taken to [prevent phishing attacks](/products/advanced-threat-defense/) and restore encrypted systems. ### \*\*\*\* Hacker Sells 5.8 Million Reddoorz User Records _The hotel management & booking platform RedDoorz underwent a data breach in September_, where third parties accessed one of their databases. RedDoorz notified then that there was no evidence for them to believe any sensitive **information was leaked** or misused, but a _database has been put up for sale on the dark web_ now, which is believed to be RedDoorz’s. The adversaries are selling a [RedDoorz database](https://www.bleepingcomputer.com/news/security/58-million-reddoorz-user-records-for-sale-on-hacking-forum/?&web%5Fview=true) with **5.8 million user records** and have even attached a sample database containing 587 user records. The compromised details include a user’s full name, email, gender, bcrypt hashed password, link to profile photo, phone number, date of birth, and occupation. Although no financial information was involved in this breach, users are advised to take [anti-phishing protection](/products/advanced-threat-defense/) seriously and change their passwords as early as possible. _Users must further ensure the use of unique and strong passwords for all their accounts_. ### \*\*\*\* Beware Of Free Gift Hampers from Cadbury _A group of scammers is tricking people into divulging their personal and financial details using Cadbury’s free gift hampers as bait_. These scammers have a fake Facebook Group with Cadbury’s official logos [spoofed](https://www.infosecurity-magazine.com/news/cadbury-social-media-scammers/?&web%5Fview=true) into their so-called Cadbury Rewards campaign. They tell people that Cadbury is sending out a hamper to anyone who replies to their post before midnight to mark their 126 years of existence. ![What is a zero day attack](https://media.mailhop.org/phishprotection/images/2020/11/what-is-a-zero-day-attack-5165.jpg) _The scammers have played smart and even included messages from fake ‘Managers’ at Cadbury_. Victims are taken to a Cadbury **phishing page** upon clicking the link where they are asked to enter their details such as names, addresses, phone numbers, email addresses, bank credentials, etc. Cadbury owner Mondelēz has clearly stated that they have launched no such campaigns or giveaways. While Cadbury is doing its part to get rid of this scam, users must be rational and adopt necessary [anti-phishing solutions](/) before believing random giveaways to be true and giving out their PII. ### \*\*\*\* Sandicliffe Customers To Stay Vigilant Sandicliffe Motor Group underwent a [data breach](https://www.am-online.com/news/dealer-news/2020/11/09/sandicliffe-customer-data-breach-could-affect-thousands?&web%5Fview=true) in February, which was immediately reported to the Information Commissioner’s Office (ICO). Sandicliffe Motor Group, too, took **anti-phishing** measures and notified customers and employees about the same. But a recent analysis by specialists at CEL Solicitors reveals that thousands of employees (current and past) and customers may have been affected in the Sandicliffe breach. Since _the damage is much more extensive than anticipated_, all customers are advised to monitor their bank accounts constantly and report any suspicious activity to the authorities. ### \*\*\*\* Data Breach Hits Animal Jam Online gaming world for kids, _Animal Jam recently underwent a data breach that they had investigated and stopped_. However, a [recent database](https://www.bleepingcomputer.com/news/security/animal-jam-kids-virtual-world-hit-by-data-breach-impacts-46m-accounts/?&web%5Fview=true) put up for sale on the dark web by threat actors reveals that a lot of user records from the Animal Jam breach were compromised without their knowledge. As many as **46 million user** records were put up for sale, but Animal Jam claims that this is only a subset of all the user data stored with them since 2010. ### Protect Your Organization - [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/) - [See how Phish Protection blocks threats in real time](/anti-phishing-tools/) ## Topics [ Announcements ](/tags/announcements/) ![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) [ Brad Slavin ](/authors/brad-slavin/) General Manager Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base. [LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) ## Protect your inbox from phishing attacks Real-time email security with 60-day free trial. No credit card required. [Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) ## Related Articles [ Intermediate 5m Cybersecurity Updates For The Week 33 of 2022 Aug 22, 2022 ](/blog/cyber-security-news-update-week-33-2022/)[ Intermediate 6m Cybersecurity Updates For The Week 41 of 2022 Oct 21, 2022 ](/blog/cybersecurity-news-21-oct-2022/)[ Intermediate 5m Cybersecurity Updates For The Week 1 of 2021 Jan 1, 2021 ](/blog/cybersecurity-updates-for-the-week-1-of-2021/)[ Intermediate 6m Cybersecurity Updates For The Week 1 of 2022 Jan 7, 2022 ](/blog/cybersecurity-updates-for-the-week-1-of-2022/) ```json {"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]} ``` ```json {"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}} ``` ```json {"@context":"https://schema.org","@type":"BlogPosting","headline":"Cybersecurity Updates For The Week 47 of 2020","description":"Security experts insist on employing phishing prevention best practices as countless phishing attacks are launched by cyber adversaries every day.","url":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-47-of-2020/","datePublished":"2020-11-21T14:20:02.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2020-11-21T14:20:02.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-47-of-2020/"},"articleSection":"intermediate","keywords":"Announcements","wordCount":1104,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2020/11/what-is-phishing-4236.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}} ``` ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Cybersecurity Updates For The Week 47 of 2020","item":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-47-of-2020/"}]} ```