---
title: "Cybersecurity Updates For The Week 8 of 2022 | Phish Protection"
description: "While breaches and attacks are very common, not many people are aware of the impact these have on organizational networks and the information stored and shared."
image: "https://phishprotection.com/og/blog/cybersecurity-updates-for-the-week-8-of-2022.png"
canonical: "https://phishprotection.com/blog/cybersecurity-updates-for-the-week-8-of-2022/"
---

Quick Answer

While breaches and attacks are very common, not many people are aware of the impact these have on organizational networks and the information stored and shared therein. Here are the most significant \[phishing news headlines\](/tags/announcements/) this week to help plan your \*\*anti-phishing measures\*\*.

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-8-of-2022%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cybersecurity%20Updates%20For%20The%20Week%208%20of%202022&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-8-of-2022%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-8-of-2022%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-8-of-2022%2F&title=Cybersecurity%20Updates%20For%20The%20Week%208%20of%202022 "Share on Reddit") [ ](mailto:?subject=Cybersecurity%20Updates%20For%20The%20Week%208%20of%202022&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-8-of-2022%2F "Share via Email") 

![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2022/02/phishing-protection-7538.jpg) 

While breaches and attacks are very common, not many people are aware of the impact these have on organizational networks and the information stored and shared therein. Here are the most significant [phishing news headlines](/tags/announcements/) this week to help plan your **anti-phishing measures**.

### Data Breach Hits Extend Fertility

_New York City (NYC) based fertility clinic, Extend Fertility recently underwent a cyberattack_. Now it is notifying patients of the probability of the compromise of their data. Specializing in IVF and freezing embryos and eggs, [Extend Fertility was attacked](https://www.infosecurity-magazine.com/news/fertility-clinic-hit-with/) on 15th December 2021, and the clinic had hired external forensic experts to investigate the nature of the attack then. Its servers and networks containing patients’ personal and protected health information (PHI) were affected.

However, Extend Fertility quickly adopted [phishing prevention](/resources/phishing-prevention-best-practices/) measures and conducted a month-long investigation into the breach. The information compromised in the attack includes patients’ full names, DoBs, contact numbers, genders, email addresses, diagnosis and treatment details, medical history, lab test results, dates of service, prescription details, medical account numbers, provider name, financial details, etc.

While the full extent of the attack remains to be figured out, the clinic has started notifying patients about the threat to their data. Extend Fertility has not disclosed the exact number of patients affected in the incident, but _it is offering free credit monitoring and identity protection to all victims_. Fortunately, there is no evidence of the misuse of the stolen patient information so far.

![Phishing protection](https://media.mailhop.org/phishprotection/images/2022/02/phishing-protection-7538.jpg) 

### Ransomware Hits San Francisco 49ers NFL Team

_A ransomware attack recently targeted the corporate IT network of the San Francisco 49ers NFL team and encrypted its files_. After the team [confirmed the attack](https://therecord.media/san-francisco-49ers-confirm-ransomware-attack/), the BlackByte ransomware gang took ownership of the attack by listing them on its data leak site. The San Francisco 49ers NFL quickly adopted [phishing attack prevention](/content/phishing-prevention/phishing-attack-prevention/) measures and initiated an investigation immediately.

So far, the attack seems to be confined to its corporate IT network. _The team also notified law enforcement and is working closely with an external team of cybersecurity experts_. Had the team qualified for Super Bowl LVI, this attack would have been catastrophic, but it is still trying to restore systems at the earliest.

### Ransomware Hits European Car Dealer Emil Frey

_A ransomware attack targeted one of Europe’s biggest car dealers, Emil Frey_, on 11th January 2022\. It was later confirmed (on 1st February 2022) that [Emil Frey had appeared on Hive’s list](https://www.zdnet.com/article/europes-biggest-car-dealer-hit-with-ransomware-attack/) of victims. The Swiss company had initiated its restoration measures soon after detecting the incident.

Hive was first spotted in August 2021 and has attacked **over 30 healthcare** and other organizations since then. It is known for demanding huge ransoms, and one can expect similar consequences in the case of Emil Frey. While the company is taking necessary [anti-phishing protection](/products/advanced-threat-defense/) measures, it has refrained from sharing specific details about the incident, such as the number of customers affected by the attack.

### Data Breach Hits Croatian Phone Carrier ‘A1 Hrvatska’

_A data breach recently hit the Croatian phone carrier ‘A1 Hrvatska’_, which exposed the personally identifiable information (PII) of **over 200,000 people** (10% of its customers). The breach notification merely [notifies customers of unauthorized access](https://www.bleepingcomputer.com/news/security/croatian-phone-carrier-data-breach-impacts-200-000-clients/) to one of its user databases without further details.

Reportedly, the customer information compromised in the incident includes their names, addresses, personal identification numbers, and telephone numbers. Fortunately, the database did not contain financial details, and hence no online account or bank details have been compromised. _A1 Hrvatska hired an external forensics team to investigate the breach and analyze the nature of the stolen documents_.

A1 Hrvatska is now informing affected customers about the breach on a one-on-one basis. The Zagreb Police is also continuing its investigations in this regard. The Croatian phone carrier profoundly regretted this unfortunate incident and had adopted additional security measures to [prevent phishing attacks](/blog/how-organizations-are-leveraging-ai-and-machine-learning-to-prevent-phishing-attacks/) in the future. It follows all recommended **data protection protocols** and has confirmed that no other A1 Hrvatska services or operations have been affected.

### Baltimore City Loses Funds To Fake Vendor Transfer Requests

The Office of the Inspector General (OIG) recently reported that _Baltimore city lost hundreds of thousands of dollars in 2021 in impersonation attacks_ where the adversaries [requested payments posing as vendors](https://www.infosecurity-magazine.com/news/baltimore-conned-out-of-375k/). OIG began its investigation into the matter after receiving a notification from Baltimore’s Bureau of Accounting and Payroll Services (BAPS) in October last year informing of a fraudulent Electronic Funds Transfer (EFT). A fund transfer from the Mayor’s Office of Children and Family Success (MOCFS) to a so-called contractor first caused a red alert.

It was a typical [BEC scam](/blog/something-new-the-dual-impersonation-business-email-compromise-scam/) where the adversaries asked for the bank details to be updated. It was later confirmed that the attackers compromised an employee email account belonging to the vendor. This compromised account was then used to demand payments from the city authorities. Unsuspicious city employees believed the email from the adversaries and made a **transfer of $376,213.10** to the adversary-owned account on 7th January 2021\. While funds reached the attackers, the actual vendor still did not receive its payment. Fortunately, it received $50,000 from its insurance provider. Such attacks have increased in recent times, and therefore it has become necessary to equip employees with measures for [protection from phishing](/).

### Gamaredon Cyberattack Group Targets Ukrainian Entities

_A recent Microsoft report states that the Gamaredon threat actor group has been targeting Ukrainian entities since 2017_. The latest attack vector is a DDoS attack breaking into multiple [Ukrainian government websites](https://cyware.com/news/ddos-attacks-knock-down-ukrainian-government-websites-dad3f668). These attacks primarily targeted websites of the public radio, the armed forces, defense ministry, and national banks like Privatbank and Oschadbank. Reportedly, ATM services were also affected by these attacks.

As a consequence of the **attacks on banks**, customers were unable to log into their accounts on the bank portal. _The attacks looked severe as the websites underwent a downtime of over six hours_.

_This wave of DDoS attacks is one of the most commonly launched and powerful attacks targeting websites today_. And Ukraine is known to be the target of the highest number of [malware attacks](/content/protection-against-malware/how-to-prevent-malware-attacks/) in Europe. Thus, there is a dire need for Ukrainian authorities to take a call to action and adopt stricter [anti-phishing solutions](/products/malware-and-ransomware-protection/).

![Phishing email prevention](https://media.mailhop.org/phishprotection/images/2022/02/phishing-email-prevention-3957.jpg) 

### South Shore Hospital Undergoes Cyberattack

_The Chicago-based nonprofit South Shore Hospital discovered some suspicious activity on its network_ on 10th December 2021 and is now notifying **over 115,000** former and current patients that their data was affected in the incident. The attack looked like a [ransomware attack](/resources/ransomware-attack-why-organizations-pay-ransom/), but the breach notification did not mention this.

The hospital activated its emergency operating protocols soon after [detecting the attack](https://www.scmagazine.com/analysis/breach/south-shore-hospital-network-hack-impacts-data-of-116k-patients) to provide uninterrupted medical services to patients. As part of its measures for [protection against phishing](/), South Shore hired an external forensics firm to investigate the breach. The compromised patient information includes their names, DoBs, social security numbers, contact details, financial information, medical data, diagnosis details, health insurance information, etc. South Shore has extended free **identity theft protection services** to all victims to ensure patients’ safety. Further, to prevent such an incident from occurring again, the hospital has enabled MFA and is re-training its employees and [spreading awareness](/products/phishing-awareness-training/) on cybersecurity.

### Data Breach Hits The Internet Society (ISOC)

_The Internet Society (ISOC) is a nonprofit known for keeping the internet open and secure_. It recently [exposed the personal details](https://portswigger.net/daily-swig/internet-society-data-leak-exposed-80-000-members-login-details) of **over 80,000 plus members** owing to a breach at one of its third-party vendors. The members’ data (containing names, addresses, email addresses, and login credentials) was stored on an unprotected Microsoft Azure cloud repository. Consequently, all these details remained publicly available online for an undefined period.

Cybersecurity researcher Bob Diachenko and experts from Clario first discovered this exposed repository on 8th December 2021 and immediately notified the Internet Society about it. ISOC secured the database a week later, on 15th December 2021\. Diachenko suspects that the data was exposed for at least a month before being discovered. Affected users are advised to change their ISOC passwords, look out for suspicious messages or links, and _take necessary measures to protect themselves from phishing_.

### Protect Your Organization

- [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/)
- [See how Phish Protection blocks threats in real time](/anti-phishing-tools/)

## Topics

[ Announcements ](/tags/announcements/) 

![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Protect your inbox from phishing attacks

Real-time email security with 60-day free trial. No credit card required.

[Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) 

## Related Articles

[  Intermediate 5m  Cybersecurity Updates For The Week 33 of 2022  Aug 22, 2022 ](/blog/cyber-security-news-update-week-33-2022/)[  Intermediate 6m  Cybersecurity Updates For The Week 41 of 2022  Oct 21, 2022 ](/blog/cybersecurity-news-21-oct-2022/)[  Intermediate 5m  Cybersecurity Updates For The Week 1 of 2021  Jan 1, 2021 ](/blog/cybersecurity-updates-for-the-week-1-of-2021/)[  Intermediate 6m  Cybersecurity Updates For The Week 1 of 2022  Jan 7, 2022 ](/blog/cybersecurity-updates-for-the-week-1-of-2022/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cybersecurity Updates For The Week 8 of 2022","description":"While breaches and attacks are very common, not many people are aware of the impact these have on organizational networks and the information stored and shared.","url":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-8-of-2022/","datePublished":"2022-02-25T15:08:47.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2022-02-25T15:08:47.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-8-of-2022/"},"articleSection":"intermediate","keywords":"Announcements","wordCount":1352,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2022/02/phishing-protection-7538.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Cybersecurity Updates For The Week 8 of 2022","item":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-8-of-2022/"}]}
```