---
title: "Cybersecurity Updates For The Week 7 of 2021 | Phish Protection"
description: "Cybersecurity Updates For The Week 7 of 2021: The distinctive form of cyberattack that continues to jeopardize world organizations is phishing , and this."
image: "https://phishprotection.com/og/blog/cybersecurity-updates-for-the-week-7-of-2021.png"
canonical: "https://phishprotection.com/blog/cybersecurity-updates-for-the-week-7-of-2021/"
---

Quick Answer

The Compilation of Many Breaches (COMB) attack from 2017, which exposed the emails and passwords of \*\*1.4 billion users\*\*, is now overtaken by the latest breach. \_Threat actors have made a database with over 3.2 billion unique passwords and emails publicly available for free on a hacker forum\_. The \[exposed details\](https://cybernews.com/news/largest-compilation-of-emails-and-passwords-leaked-free/?web\_view=true) belong to multiple breaches of sites like Bitcoin, LinkedIn, Netflix, Exploit.in, etc.

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-7-of-2021%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cybersecurity%20Updates%20For%20The%20Week%207%20of%202021&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-7-of-2021%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-7-of-2021%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-7-of-2021%2F&title=Cybersecurity%20Updates%20For%20The%20Week%207%20of%202021 "Share on Reddit") [ ](mailto:?subject=Cybersecurity%20Updates%20For%20The%20Week%207%20of%202021&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-7-of-2021%2F "Share via Email") 

![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2021/02/phishing-protection-4850.jpg) 

_The distinctive form of cyberattack that continues to jeopardize world organizations is phishing_, and this week too, we can mention at least a hundred **phishing attacks** capable of shutting down institutions. The following are the latest phishing news bits from across the world. Let us consider effective [phishing prevention](/) solutions as we read through these attacks:

### 3.2B Emails And Passwords Leaked In The Largest COMB Till Date

The Compilation of Many Breaches (COMB) attack from 2017, which exposed the emails and passwords of **1.4 billion users**, is now overtaken by the latest breach. _Threat actors have made a database with over 3.2 billion unique passwords and emails publicly available for free on a hacker forum_. The [exposed details](https://cybernews.com/news/largest-compilation-of-emails-and-passwords-leaked-free/?web%5Fview=true) belong to multiple breaches of sites like Bitcoin, LinkedIn, Netflix, Exploit.in, etc.

As researchers add the leaked data to software like **Personal Data Leak Checker**, it is advised that users change their passwords as early as possible. [Phishing prevention tips](/content/phishing-prevention/) by experts always recommend the use of **unique passwords** for all online accounts. If users have the habit of using the same password for their Gmail, LinkedIn, and Netflix account, then a breach of just one of these websites is enough to make their other accounts vulnerable. The leaked database stored records in alphabetical order and uses the same scripts as the 2017 COMB. 

### 16k Card Details Of Foxtons’ Customers Leaked

_The Alexander Hall mortgage broking business of the estate agent Foxtons Group underwent a cyberattack in October 2020_, which exposed customers’ card and personal details from 2010 and before. Now users have found a **sample database on the dark web** [selling these records](https://www.infosecurity-magazine.com/news/thousands-of-foxtons-customers/?&web%5Fview=true). While _Foxtons claims that the exposed data won’t be much useful to launch an attack_, a test done on a small sample of the leaked data reveals that one-fifth of the exposed cards are still functional.

![Phishing protection](https://media.mailhop.org/phishprotection/images/2021/02/phishing-protection-4850.jpg) 

_The database contains 16,000 records, but the exact number of affected customers remains unclear_. In the four months that the data has been available online, it was viewed 15,000 times, suggesting that the threat actors have probably made their copies of the data by now. Foxton customers are advised to adopt the [phishing prevention best practices](/resources/phishing-prevention-best-practices/) and regularly monitor their credit history for suspicious activities.

### Data Breach Hits Escortreviews.com

The US-based site Escortreviews.com promoting female escorts and reviews _recently underwent a data breach that exposed the details of over 4,70,000 of its members_. The adversaries have now posed this stolen data from their vBulletin forum database on the dark web. The [exposed details](https://www.bleepingcomputer.com/news/security/female-escort-review-site-data-breach-affects-470-000-members/?&web%5Fview=true) include the names, email addresses, Skype names, DOBs, MD5 hashed passwords, and IP addresses of registered users. While the most recent data on Escortreviews.com is from September 2018, the latest cached Google search page dates to January 21st, 2021\. 

_Their website is currently showing visitors a vBulletin database error_. EscortReviews runs on vBulletin 3.8.9, which is known for its vulnerabilities. Adding to this is the fact that passwords were hashed using MD5, which gets decrypted easily. Members of EscortReviews worried about their security must immediately use measures for [protection from phishing](/) and change their passwords to strong and unique alphanumeric combinations.

### Cyberattack At Security Firm Stormshield

_The France-based security firm Stormshield which provides its services to the French government, recently underwent a cyberattack_. The adversaries could compromise one of its customer support portals and partially steal the Stormshield Network Security (SNS) **firewall source code**. As a [phishing attack prevention](/products/advanced-threat-defense/) measure, Stormsfield has collaborated with the cyber-security agency ANSSI to investigate this breach.

While the investigation continues, the Stormshield SNS and SNI products will remain under vigilance. The firm takes all possible **anti-phishing measures** such as reviewing its [SNS source code](https://www.zdnet.com/article/security-firm-stormshield-discloses-data-breach-theft-of-source-code/?&web%5Fview=true), replacing digital certificates used to sign SNS software updates, resetting passwords for all support portals, etc. In addition, all customers and partners whose information may have been compromised have been notified of the same.

### Spotify Undergoes Second Credential Stuffing Attack In Three Months

_Over 100,000 Spotify users received a password reset notification following a credential stuffing attack targeted at the music streaming service_. **Credential-stuffing attacks** target those users who reuse passwords for multiple accounts. Using an automated script, the adversaries can quickly try the stolen IDs and passwords on various accounts and see if they can make their way in.

The latest breach was discovered by security researcher Bob Diachenko who also attached a Spotify statement confirming the breach on this Tweet. The data was initially exposed in a misconfigured Elasticsearch cluster with lots of information on users’ activities, emails, passwords, etc. To ensure [anti-phishing protection](/), Spotify has asked all impacted users to [reset their passwords](https://threatpost.com/spotify-credential-stuffing-cyberattack/163672/?web%5Fview=true). They have also asked the concerned ISP to bring down the database.

To stay ahead of credential stuffing attacks like this, _users must make it a rule never to reuse a password_. ‘One password one account’ must become the password-setting norm along with enabling multi-factor authentication (MFA).

### Ransomware Hits Major Brazilian Electric Utilities Companies

_Brazilian electric utility companies Copel and Eletribras underwent ransomware attacks recently_, which brought down their operations and systems. The Eletronuclear subsidiary of Eletrobras was attacked, which brought down their administrative network servers. However, the services at the Angra 1 and Angra 2 nuclear power plants were unaffected. The [company quickly](https://www.bleepingcomputer.com/news/security/eletrobras-copel-energy-companies-hit-by-ransomware-attacks/?&web%5Fview=true) adopted measures to [prevent phishing](/) attacks and isolated its systems to contain the malware.

_The attack on Copel was from the Darkside ransomware group_. The adversaries **stole data exceeding 1,000 GB**, including the personal information of top management members and customers and confidential infrastructure details. The compromised information also includes password hashes, user objects, groups, group membership details, etc., of users. Copel first disclosed the breach in a filing with the Securities and Exchange Commission (SEC) and has been investigating the incident ever since.

### Data Breach Hits Sitepoint

_The online tutorials and books publisher SitePoint recently disclosed a cyberattack to a select group of users_. The website was hacked sometime last year, and the adversaries are now selling a database containing [details of 1 million](https://www.zdnet.com/article/webdev-tutorials-site-sitepoint-discloses-data-breach/?&web%5Fview=true) SitePoint users on the dark web.

![Protection from phishing](https://media.mailhop.org/phishprotection/images/2021/02/protection-from-phishing-7538.jpg) 

The email sent to users mentioned that their names, usernames, hashed passwords, email addresses, and IP addresses were probably compromised in the breach. The website advises its users to reset their passwords for all online accounts and make it at least ten characters long to ensure [phishing protection](/). For enhanced security, SitePoint has hashed and salted passwords with the bcrypt algorithm.

### Phishing Scam Uses Spoofed Microsoft Page Hosted On Google Firebase

In another phishing scam, the adversaries sent a [fake email](https://www.scmagazine.com/home/security-news/google-firebase-hosts-microsoft-office-phishing-attack/?web%5Fview=true) to users about an electronic funds transfer (EFT), which would require them to download an HTML invoice. The invoice then leads them to a **spoofed Microsoft Office page** hosted on Google Firebase. _The page looks exactly like the Microsoft login page_, entering details here, a user would give away his/her phone number, username, password, and alternate email address to the adversaries.

The fact that the page was _hosted on Google Firebase made it difficult for email security systems and **anti-phishing tools** to check its authenticity_. Users seldom doubt the legitimacy of emails that come from seemingly credible sources.

### Protect Your Organization

- [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/)
- [See how Phish Protection blocks threats in real time](/anti-phishing-tools/)

## Topics

[ Announcements ](/tags/announcements/) 

![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Protect your inbox from phishing attacks

Real-time email security with 60-day free trial. No credit card required.

[Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) 

## Related Articles

[  Intermediate 5m  Cybersecurity Updates For The Week 33 of 2022  Aug 22, 2022 ](/blog/cyber-security-news-update-week-33-2022/)[  Intermediate 6m  Cybersecurity Updates For The Week 41 of 2022  Oct 21, 2022 ](/blog/cybersecurity-news-21-oct-2022/)[  Intermediate 5m  Cybersecurity Updates For The Week 1 of 2021  Jan 1, 2021 ](/blog/cybersecurity-updates-for-the-week-1-of-2021/)[  Intermediate 6m  Cybersecurity Updates For The Week 1 of 2022  Jan 7, 2022 ](/blog/cybersecurity-updates-for-the-week-1-of-2022/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cybersecurity Updates For The Week 7 of 2021","description":"Cybersecurity Updates For The Week 7 of 2021: The distinctive form of cyberattack that continues to jeopardize world organizations is phishing , and this.","url":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-7-of-2021/","datePublished":"2021-02-10T12:31:07.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2021-02-10T12:31:07.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-7-of-2021/"},"articleSection":"intermediate","keywords":"Announcements","wordCount":1201,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2021/02/phishing-protection-4850.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Cybersecurity Updates For The Week 7 of 2021","item":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-7-of-2021/"}]}
```