--- title: "Cybersecurity Updates For The Week 26 of 2022 | Phish Protection" description: "Cybersecurity Updates For The Week 26 of 2022: Phishing attacks continue to target global institutions. The following are this week" image: "https://phishprotection.com/og/blog/cybersecurity-updates-week-26-2022.png" canonical: "https://phishprotection.com/blog/cybersecurity-updates-week-26-2022/" --- Quick Answer \[Phishing attacks\](/resources/7-most-common-phishing-attacks-and-learning-to-protect-against-them) continue to target global institutions. The following are this week's news headlines to help you stay abreast of the latest \*\*threat vectors\*\* so you can take appropriate measures to keep your and your organization's information assets safe. Share [ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-week-26-2022%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cybersecurity%20Updates%20For%20The%20Week%2026%20of%202022&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-week-26-2022%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-week-26-2022%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-week-26-2022%2F&title=Cybersecurity%20Updates%20For%20The%20Week%2026%20of%202022 "Share on Reddit") [ ](mailto:?subject=Cybersecurity%20Updates%20For%20The%20Week%2026%20of%202022&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-week-26-2022%2F "Share via Email") ![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2022/07/phishing-attack-prevention.jpg) [Phishing attacks](/resources/7-most-common-phishing-attacks-and-learning-to-protect-against-them) continue to target global institutions. The following are this week’s news headlines to help you stay abreast of the latest **threat vectors** so you can take appropriate measures to keep your and your organization’s information assets safe. ### Hackers Target The Health Vendor MCG Cyberattackers recently attacked a Seattle-based health vendor called MCG, which has exposed the **protected health information** and other sensitive details of over 1 million hospital patients in the US. As a result, patients from Indiana University Health were also impacted. The [breach notification](https://www.cpomagazine.com/cyber-security/fcc-introduces-new-data-breach-notification-rules-for-telecommunications-companies/) released by MCG mentioned that the adversaries could **access** their personal information, such as names, postal addresses, email addresses, contact numbers, DOBs, **medical codes**, and social security numbers. As part of its[phishing attack prevention](/content/protection-from-phishing/how-to-stop-phishing)measures, MCG is coordinating with the FBI. The attack occurred in March 2022, but it was only recently that MCG and IU. Health contacted the affected individuals. Further, the breach notification contained too few details, making victims perplexed and **unsure** of their next move. The hospital and healthcare facility are yet to share the attackers’ details and the attack’s nature . However, they have asked patients to **keep monitoring** their account statements and credit reports. Reportedly, the MCG breach affected around **nine US states** and[1.1 million people](https://www.heraldbulletin.com/news/iu-health-has-sensitive-data-breach/article%5Fa0e6b638-f357-11ec-a9ce-7f6d3a931aaf.html?&web%5Fview=true). One patient from Seattle has also sued MCG for its negligence and passive means of handling the attack. ### Cyberattack Targets the Electronics Retailer Fast Shop A cyberattack recently hit the electronics retailer Fast Shop, which brought down its **app and website**. The systems were brought down to prevent the [attack vector](https://www.sumologic.com/glossary/attack-vector/) from spreading. A day after the attack, Fast Shop could restore its systems and function normally. It mentioned that there was **no evidence of the misuse** of customer data. Further investigation revealed Fast Shop’s **Twitter account** was hacked in this episode. A tweet on Fast Shop’s handle announced that all stores would remain closed till 26th June, and there would be **delays in order deliveries** until 27th June 2022. This incident marks the[second cyberattack](https://newsbulletin247.com/economy/121032.html?web%5Fview=true)this year that has targeted a major retailer’s website. Although there is no evidence of a data breach, Fast Shop customers are advised to take [anti-phishing](/content/anti-phishing-software/anti-phishing-solutions) protection measures. ### Security Vulnerability Detected at Halfords [Cybersecurity](/content/cybersecurity-in-a-nutshell) consultant Chris Hatton recently purchased some car tires from Halfords online and discovered an **Insecure Direct Object Reference (IDOR) vulnerability** in its system. Initially, Hatton used an email address to check his booking details by clicking on the **Halfords tracking link**. Later, when he tried using an order ID, he could still access the personally identifiable information (PII) of not just himself but **thousands of other customers** associated with the same ID. ![Phishing attack prevention](https://media.mailhop.org/phishprotection/images/2022/07/phishing-attack-prevention.jpg) Hatton could easily access customers’ booking details, car details, home location, and contact numbers. So, he reported the issue to Halfords in[January 2022](https://www.theregister.com/2022/06/23/halfords%5Fdata%5Fleak%5Fvulnerability/?&web%5Fview=true)but received **no response**. The company only reverted when the matter escalated. Halfords then gave a statement assuring that it takes the security of customer data very seriously and has **removed the potential vulnerability**. It further mentioned that no payment or bank details were affected in the breach and that it is taking necessary[phishing protection](/)measures. ### Ex-Employee Steals Corporate Intel to Start Own Company Employees stealing intel from companies for their benefit is a fairly common cyberattack. In a recent incident, the property damage estimating firm Young and Associates **filed a lawsuit** against one of its former employees for stealing its confidential data. Young & Associates accused former employee Michael Walker of stealing over 30,000 files from it to create a **competing firm** of his own. Young & Associates filed the suit in the United States District Court of the North District of Georgia, stating that Walker copied company files from [cloud storage](https://www.securitymagazine.com/articles/91985-data-breach-report-cloud-storage-exposes-users-private-information) to a USB drive with malicious intentions. In the court filings, Walker admitted that he had **downloaded** the contents of his company Drive folder to a personal device before leaving YA. He testified that he had uploaded this data onto the company network of his new firm, Undisputed Consulting, LLC. Naturally, **YA was unaware** of Walker’s deeds when he left the company in July 2021 to become a founding member of Undisputed. _Walker **stole everything required** to begin a company, from business and marketing plans to customer contact lists, from strategic budgets and financial documents to [customer data](https://finance.yahoo.com/news/t-customer-data-breach-highlights-133200634.html) and estimating tools._ Walker defied the YA employee contract, which mandates every employee to return confidential [company data](https://www.infosecurity-magazine.com/news/wh-smith-discloses-cyber-attack/) at the end of their employment. He was guilty of misusing his privileged access to **password-protected** and cloud-based company data. YA noticed Walker’s master plan when some other YA consultants began shifting to Undisputed along with their customers. The company has **accused Walker** of violating the Defend Trade Secrets Act, the Georgia Trade Secrets Act, and Georgia’s Computer Systems Protection Act. YA is demanding[financial compensation](https://digitalguardian.com/blog/suit-claims-ex-consultant-stole-30000-files-start-competing-firm?&web%5Fview=true)for the misuse of this priced intel by Walker and his associates. It has also requested the court to prevent anyone from using its **trade secrets**. The results of this trial are eagerly awaited. Protection from phishing involves more than external threats; sometimes, our **employees** can also become threat actors! ![Spear phishing protection](https://media.mailhop.org/phishprotection/images/2022/07/spear-phishing-protection-5378.jpg) ### Ransomware Hits Nichirin A [ransomware attack](/resources/ransomware-example) recently targeted the US subsidiary of Nichirin. Nichirin is a Japanese company making hoses for the automotive industry. The attack on Nichirin-Flex USA was first observed on 14th June, and fortunately, it **did not affect** other Nichirin subsidiaries. Experts are investigating the nature of the attack, which forced the company to shut down its production control systems. Nichirin took to its website to warn customers of fake emails claiming to be from the company and urged them **not to reply or react** to such emails with URLs and other attachments. The current attack on Nichirin comes just months after the Pandora attack on the Japanese car parts giant Denso. So far, Nichirin data has not been listed on any data leak website. The[Nichirin attack](https://www.securityweek.com/us-subsidiary-automotive-hose-maker-nichirin-hit-ransomware?&web%5Fview=true)is a reminder for all manufacturers in the automotive and infrastructure sector to **take measures** for protection against phishing . ### Indian Users Beware of New Crypto Scam CoinEgg Indian crypto users are falling for **high-profile scams**, with ‘CoinEgg’ being the latest. The scheme has already defrauded 10 billion INR from Indian users. The fraud involves multiple **Android-based** applications and [payment gateway](https://www.emerchantpay.com/insights/what-is-a-payment-gateway-and-how-does-it-work/) domains that attack unsuspecting individuals with a mass gambling scam. The adversaries created several **fake domains** impersonating known crypto trading platforms and used the word ‘CloudEgg’ in them. The attackers then created a **fake female** social media profile to establish a virtual rapport with the potential victim. The fake profile eventually influences victims to start crypto trading and investment. The fake profile also credits USD 100 to the victim’s wallet as a **welcome gift** (a duplicate crypto exchange) to enhance the credibility of the scam. The fake profile entices users into signing up and starting to trade. When users see that they are making profits, they make **bigger investments**, thus falling deeper into the scam. Once the victims add money, the [adversaries](/phishing/adversaries-stole-500-million-crypto-based-game-phishing-tactics) **freeze their accounts** and disappear with the funds. Naturally, a person who has been robbed takes to other platforms to complain, and the attackers also leverage this opportunity. They use fake accounts and **pose as investigators** who can retrieve the frozen assets. They **ask for confidential details** of the victims, such as their bank details and ID cards, and then use these for other cybercrimes. With such[multi-phased attacks](https://www.businessinsider.in/cryptocurrency/news/indian-investors-may-have-lost-almost-1000-crore-in-crypto-scam-according-to-a-new-report/articleshow/92358876.cms?&web%5Fview=true), protecting yourself from phishing has become a real challenge! ### Data Breach Hits Flagstar Bank A data breach targeted Flagstar Bank in December 2021 when attackers compromised its **corporate network** and stole sensitive and confidential customer data. The Michigan-based [financial services](https://www.infosecurity-magazine.com/news/quarter-cyber-attacks-uk-financial/) provider is now notifying over 1.5 million customers that their data was potentially compromised in this attack. After the investigation ended on 2nd June 2022, Flagstar discovered that sensitive customer information such as their names and social security numbers were **exposed**. Flagstar quickly adopted anti-phishing protection measures and activated its **incident response plan**. The bank also hired external cybersecurity professionals to investigate the breach and reported the incident to federal law enforcement. So far, there is no evidence to prove the misuse of the stolen information, but Flagstar is providing all victims two years of **free** [identity monitoring](https://www.bleepingcomputer.com/news/security/flagstar-bank-discloses-data-breach-impacting-15-million-customers/?&web%5Fview=true)and protection services. ### Protect Your Organization - [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/) - [See how Phish Protection blocks threats in real time](/anti-phishing-tools/) ## Topics [ Announcements ](/tags/announcements/) ![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) [ Brad Slavin ](/authors/brad-slavin/) General Manager Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base. [LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) ## Protect your inbox from phishing attacks Real-time email security with 60-day free trial. No credit card required. [Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) ## Related Articles [ Intermediate 5m Cybersecurity Updates For The Week 33 of 2022 Aug 22, 2022 ](/blog/cyber-security-news-update-week-33-2022/)[ Intermediate 6m Cybersecurity Updates For The Week 41 of 2022 Oct 21, 2022 ](/blog/cybersecurity-news-21-oct-2022/)[ Intermediate 5m Cybersecurity Updates For The Week 1 of 2021 Jan 1, 2021 ](/blog/cybersecurity-updates-for-the-week-1-of-2021/)[ Intermediate 6m Cybersecurity Updates For The Week 1 of 2022 Jan 7, 2022 ](/blog/cybersecurity-updates-for-the-week-1-of-2022/) ```json {"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]} ``` ```json {"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}} ``` ```json {"@context":"https://schema.org","@type":"BlogPosting","headline":"Cybersecurity Updates For The Week 26 of 2022","description":"Cybersecurity Updates For The Week 26 of 2022: Phishing attacks continue to target global institutions. The following are this week's news headlines to help.","url":"https://phishprotection.com/blog/cybersecurity-updates-week-26-2022/","datePublished":"2022-07-01T07:53:34.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2022-07-01T07:53:34.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-week-26-2022/"},"articleSection":"intermediate","keywords":"Announcements","wordCount":1419,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2022/07/phishing-attack-prevention.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}} ``` ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Cybersecurity Updates For The Week 26 of 2022","item":"https://phishprotection.com/blog/cybersecurity-updates-week-26-2022/"}]} ```