--- title: "Cybersecurity Updates For The Week 48 of 2021 | Phish Protection" description: "This week" image: "https://phishprotection.com/og/blog/cybersecurity-updates-for-the-week-48-of-2021.png" canonical: "https://phishprotection.com/blog/cybersecurity-updates-for-the-week-48-of-2021/" --- Quick Answer This week's news headlines highlight why \[phishing prevention\](/) should be a part of every organization's cyber risk management strategy. Here are the major \[phishing and data breach\](/blog/data-breaches-and-phishing-attacks-how-third-party-vendors-jeopardize-organization/) headlines from this past week. Share [ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-48-of-2021%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cybersecurity%20Updates%20For%20The%20Week%2048%20of%202021&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-48-of-2021%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-48-of-2021%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-48-of-2021%2F&title=Cybersecurity%20Updates%20For%20The%20Week%2048%20of%202021 "Share on Reddit") [ ](mailto:?subject=Cybersecurity%20Updates%20For%20The%20Week%2048%20of%202021&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-48-of-2021%2F "Share via Email") ![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2021/11/phishing-prevention-software-8752.jpg) This week’s news headlines highlight why [phishing prevention](/) should be a part of every organization’s cyber risk management strategy. Here are the major [phishing and data breach](/blog/data-breaches-and-phishing-attacks-how-third-party-vendors-jeopardize-organization/) headlines from this past week. ### \*\*\*\* Data Breach Hits Costco _Costco customers are receiving breach notifications warning them of unauthorized payments_. The security incident was brought to light by several customers of Costco who took to social media to speak about [fraudulent charges](https://www.reddit.com/r/Costco/comments/q9b8r7/fraudulent%5Fcharges%5Fon%5Fcostco%5Fvisa/) associated with their Costco accounts. Investigations into the breach revealed that [adversaries had compromised](https://www.zdnet.com/article/costco-customers-complain-of-fraudulent-charges-company-confirms-card-skimming-attack/) users’ payment card information through a **card skimming device** at some Costco warehouses. _Anyone who shopped at Costco using their card was vulnerable to the attack at this unfortunate time of hackers being in its systems_. While executives from Costco can’t say for sure whether all customers were affected, it says in its breach notification that in the interim of hackers intruding its systems and the intrusion being discovered, the threat actors could have acquired the magnetic stripe of users’ payment cards. This would mean a compromise of their names, card number, CVV, and card expiry date. _Costco advises customers to check with their bank once and keep an eye on their credit card statements_. ![Phishing prevention software](https://media.mailhop.org/phishprotection/images/2021/11/phishing-prevention-software-8752.jpg) As part of its [anti-phishing protection](/blog/get-an-insight-on-various-types-of-anti-phishing-services/) measure, the company has approached law enforcement and extended a year of complimentary [identity theft protection](/blog/understanding-business-identity-theft-and-what-makes-businesses-vulnerable-to-these-identity-thefts/), credit monitoring, and a **$1 million insurance** reimbursement policy to all victims. ### \*\*\*\* Hacker Breaks Into FBI’s Email System _Malicious actors breached an FBI email server recently and sent spam emails to at least **100,000 peopl**_**e**. The spam emails sent across bizarre warnings to people that spoke about the cybersecurity writer Vinny Troia and the cybercriminal group [The Dark Overlord](https://www.bbc.com/news/technology-54247527), the link between the both being research done by Troia’s company (Night Lion Security) on The Dark Overlord back in January 2021\. After sending out technically incorrect information, the [attacker signed off the email](https://www.nbcnews.com/tech/security/hacker-takes-fbi-email-server-blasts-spam-thousands-rcna5530) as the US Cyber Threat Detection and Analysis Group (Department of Homeland Security), which has been inactive for two years now. Cybersecurity researcher Alex Grosjean highlighted that while adversaries believe that _they can **mask their identity** while sending spam emails from a compromised email address_, the email’s metadata usually makes the source server identifiable (which in this case was the FBI server). The recipients of this spam FBI email were mostly website administrators listed on the American Registry for Internet Numbers. An FBI spokesperson later clarified that the _adversaries exploited a flaw in the configuration of an agency messaging system_ (the Law Enforcement Enterprise Portal) but couldn’t access any FBI files. The FBI uses the LEEP system mainly to send messages to the local and state law enforcement partners. Therefore, it can be said for sure that no PII was exploited through the FBI’s network. ### \*\*\*\* Hacker Who Stole Robinhood Data is Now Selling it _An unnamed threat actor had recently used social engineering to hack into the email account of a Robinhood employee_ and had stolen **around 7 million** customer data. The threat actor has now emerged from the dark and owned up to [stealing this vast expanse of data](https://www.bleepingcomputer.com/news/security/7-million-robinhood-user-email-addresses-for-sale-on-hacker-forum/) from Robinhood customers. Going by the name of _pompompurin_, the attacker **stole 5 million** email addresses, 2 million names, and other sensitive information for around 310 individuals. _Pompompurin is selling this entire dataset on the dark web, except for the 310 individuals’ data which is more confidential in nature_. Reportedly, the attacker is demanding a five-figure amount ($10,000 or higher) in exchange for the Robinhood database. _Pompompurin has put up the data for sale even after attempting to extort the victim company_. And because of the high demand and nature of the stolen data, the attacker won’t have difficulty selling the database at a profitable and high price. The statement by Pompompurin reveals that Robinhood had initially refrained from disclosing the fact that ID cards too were compromised in the incident. Such instances of adversaries leaking or **stealing user data** prove why paying the demanded ransom and complying with attacker requests may not be the ideal choice. ### \*\*\*\* Singapore’s Most Significant Data Breach: RedDoorz Customers Affected In what may be the largest data breach in Singapore, the personal data of **over 5.9 million** customers of the hotel booking site RedDoorz was compromised. The customers of the site include Singaporeans and other Southeast Asian individuals. It must be noted that this is the most [severe data breach](https://www.straitstimes.com/tech/tech-news/59m-customers-of-reddoorz-hotel-booking-site-leaked-in-spores-largest-data-breach) to occur after the implementation of the Personal Data Protection Act. Hence, the Personal Data Protection Commission (PDPC) has imposed a **$74,000 fine** on Commeasure (the local firm running the RedDoorz website). This fine, however, is a lot less compared to penalties imposed on other industries as the PDPC is considerate of the hardships faced by the hospitality sector during the pandemic. The hardest-hit region in the RedDoorz breach is its Indonesian market. The company’s customers belong to Southeast Asian countries, and\_\*\* over 9,000\*\* Singaporeans were directly affected by the breach\_. The affected customer data included their names, email addresses, contact numbers, DOBs, booking details, and encrypted passwords. Fortunately, the passwords were encrypted, which means that the adversaries could not access them without finding a way to decode them. Further, the attackers couldn’t access customers’ masked credit card numbers. _RedDoorz customers must lookout for suspicious messages or emails and take measures to protect themselves from phishing_. ### \*\*\*\* Adult Cam Site StripChat Leaves Database Unprotected Online _StripChat is a popular online adult cam site that was recently found exposing the personal data of millions of users and models_. The [site left ElasticSearch data unencrypted](https://therecord.media/adult-cam-site-stripchat-exposes-the-data-of-millions-of-users-and-cam-models/) online for three days from 4th November to 7th November. This means that anybody could have accessed, downloaded and (mis)used the data stored on the StripChat database without a password. Consequently, the personal **data of millions** of site users and adult models stand the risk of being exploited for malicious purposes. ![Phishing protection](https://media.mailhop.org/phishprotection/images/2021/11/phishing-protection-2014.jpg) Discovered by the security researcher Bob Diachenko, the StripChat database contained the usernames, email and IP address, account details, and other information of **over 65 million** registered users. It further had _the personal data and strip scores of over 421,000 models along with 719,000 chat messages and 134 million transaction details_. However, the cam site was quick to take measures for [protection against phishing](/) and secured its servers within days of being notified. But the site is yet to announce publicly and inform users of the breach, something that can invite severe GDPR fines. There is no evidence of the database being discovered, accessed, or used by anyone other than Diachenko. The site eventually confirmed that the breach was the result of a routine server reconfiguration. There is no reason to believe that users’ payment or account details and passwords were accessed in the breach. ### \*\*\*\* Data Breach Hits California Pizza Kitchen (CPK) _A data breach recently hit the US pizza chain, California Pizza Kitchen (CPK)._ Consequently, the social security numbers of **over 100,000** former and current [employees were compromised](https://techcrunch.com/2021/11/18/california-pizza-kitchen-data-breach/). With outlets in over 250 locations across 32 US states, CPK has a broad customer base and thousands of employees. In its breach notification, CPK mentions that the intrusion was first detected on 15th September, and soon after noticing the disruption, the company took measures to contain the attack. The initial investigations revealed that certain files containing the names and **social security numbers** of employees were compromised. While the breach notification doesn’t highlight the number of employees affected, the Maine attorney general’s office notification mentions that 103,767 current and former CPK employees were involved in the incident, with former employees constituting a majority of the victims. CPK notes that **information security** is one of its highest priorities, and it has put [phishing attack prevention](/content/phishing-prevention/phishing-attack-prevention/) measures in place to prevent such an incident from happening again. ### \*\*\*\* Beware of Bait Attacks One of the latest attack schemes that adversaries are using includes **bait attacks**. _Bait attacks are the introductory and harmless emails sent to victims to verify their email address and their intent of responding to a phishing email_. These bait emails are usually blank and do not contain anybody or attachments, passing as harmless emails through [phishing email prevention](/blog/phishing-prevention-email-providers-arent-helping-any/) software. A recent cybersecurity [report by Barracuda states](https://cisomag.eccouncil.org/phishers-leverage-bait-attacks-to-harvest-personal-data/) that bait attacks launched through traditional mailing platforms like Gmail, Yahoo, and Hotmail are very effective in luring victims, especially the organizations in the Asia-Pacific region. It further revealed that bait attacks had targeted **over 10,500** global organizations since September this year. Hence, we must adopt suitable [phishing protection](/) measures to guard against such bait attacks. ### Protect Your Organization - [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/) - [See how Phish Protection blocks threats in real time](/anti-phishing-tools/) ## Topics [ Announcements ](/tags/announcements/) ![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) [ Brad Slavin ](/authors/brad-slavin/) General Manager Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base. [LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) ## Protect your inbox from phishing attacks Real-time email security with 60-day free trial. No credit card required. [Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) ## Related Articles [ Intermediate 5m Cybersecurity Updates For The Week 33 of 2022 Aug 22, 2022 ](/blog/cyber-security-news-update-week-33-2022/)[ Intermediate 6m Cybersecurity Updates For The Week 41 of 2022 Oct 21, 2022 ](/blog/cybersecurity-news-21-oct-2022/)[ Intermediate 5m Cybersecurity Updates For The Week 1 of 2021 Jan 1, 2021 ](/blog/cybersecurity-updates-for-the-week-1-of-2021/)[ Intermediate 6m Cybersecurity Updates For The Week 1 of 2022 Jan 7, 2022 ](/blog/cybersecurity-updates-for-the-week-1-of-2022/) ```json {"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]} ``` ```json {"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}} ``` ```json {"@context":"https://schema.org","@type":"BlogPosting","headline":"Cybersecurity Updates For The Week 48 of 2021","description":"This week's news headlines highlight why phishing prevention should be a part of every organization's cyber risk management strategy.","url":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-48-of-2021/","datePublished":"2021-11-26T07:21:02.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2021-11-26T07:21:02.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-48-of-2021/"},"articleSection":"intermediate","keywords":"Announcements","wordCount":1439,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2021/11/phishing-prevention-software-8752.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}} ``` ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Cybersecurity Updates For The Week 48 of 2021","item":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-48-of-2021/"}]} ```