Australian gold mining giant targeted by a ransomware attack

Australian gold mining giant Evolution Mining said it experienced a ransomware attack late last week that struck its internal systems.

 

Operating in Australia and Canada, Evolution Mining is Australia’s largest gold mining company. It owns and operates mines at Cowal, New South Wales; Mt Carlton, Mt Rawdon, and Ernest Henry, Queensland; and Mungari, Western Australia.

 

In a filing with the Australian Securities Exchange (ASX) on Monday, Evolution Mining said that it became aware of a ransomware attack on August 8. The company immediately launched an investigation, with assistance from external cyber security experts, to determine the nature and scope of the incident.

 

The company confirmed that the incident has now been contained.

 

“The incident has been proactively managed with a focus on protecting the health, safety and privacy of people, together with the Company’s systems and data,” reads the filing.

 

Evolution Mining added that the data security incident did not have any “material impact on operations” which indicates that threat actors could not encrypt the company’s internal systems or did not attack production-related systems.

 

Evolution Mining has notified the Australian Cyber Security Centre and is working with authorities to investigate the incident.

 

The company is yet to share details on how the threat actors infiltrated its internal network or who is behind the ransomware attack. Also, at the time of writing, no hacker group has claimed responsibility for the attack.

 

The ransomware attack on Evolution Mining comes within months after another mining giant, Northern Minerals, disclosed a significant data security incident that compromised sensitive corporate and personal information. The company launched an investigation and engaged external cyber security experts to investigate the matter.

 

The BianLian ransomware group claimed responsibility for the cyber attack on the company and listed it as a victim on its data leak site.

 

The group claimed to be in possession of 1.65 TB of data stolen from the company that included operational data, strategic data, potential projects, geological and mining research in various countries, data on research of competitors, R&D data, financial data, employees’ personal data, corporate email archives, and data on shareholders and potential investors.