Hackers unleash cyber attack on mining group Rio Tinto

Rio Tinto, a leading mining group with annual revenue of $55.55 billion, has faced a significant cyber attack as hackers have stolen personal data of former and current Australian employees, Reuters news report said.
IT network security issuesHackers have accessed payroll information, like pay-slips and overpayment letters, of a small number of employees from January 2023, an internal memo from Rio Tinto on the cyber security incident showed.

“Investigations now indicate a possibility that Rio Tinto data may be impacted,” Rio Tinto’s memo said.

“To date, none of the records described above have been released, and we still do not know if the cybercriminal group holds these records or not.”

Rio Tinto did not reveal the name of its cyber security partner.

The cybercriminal group threatened to release the data onto the dark web while investigations into the incident are ongoing, the Anglo-Australian mining giant added. Rio Tinto has not said who is responsible for the latest cyber-attacks.

The stolen data relates to an attack on GoAnywhere – a managed file transfer (MFT) software offered by U.S. cybersecurity firm Fortra.

A host of global firms and government institutions have reported cybersecurity incidents linked to GoAnywhere MFT over the last few weeks.

Hitachi Energy, a unit of Japanese conglomerate Hitachi, said last week that a ransomware attack by the “CL0P” group on GoAnywhere could have resulted in unauthorized access to employee data in some countries.

Last month, Community Health Systems in a U.S. exchange filing confirmed that the personal and medical information of about one million individuals may have been impacted due to a security breach experienced by Fortra.

File-sharing software has been a target for cybercriminals. Back in 2021, vulnerabilities in the servers of California-based Accellion were exploited by the CL0P group, leading to data breaches in Morgan Stanley, Kroger Co, the Reserve Bank of New Zealand, and other institutions.