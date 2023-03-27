Rio Tinto Australian staff may have had their data breached

By on
Rio Tinto Australian staff may have had their data breached

Staff memo warns former and current employees.

Personal data of Rio Tinto former and current Australian employees may have been stolen by a cybercriminal group, according to a staff memo seen by Reuters.

Payroll information, like payslips and overpayment letters, of a small number of employees from January 2023 had possibly been seized by the group, the memo showed.

"Investigations now indicate a possibility that Rio Tinto data may be impacted," the memo said.

The cybercriminal group threatened to release the data onto the dark web while investigations into the incident are ongoing, the Anglo-Australian mining giant added.

"To date, none of the records described above have been released, and we still do not know if the cybercriminal group holds these records or not."

The stolen data relates to an attack on the GoAnywhere managed file transfer (MFT) software offered by US cybersecurity firm Fortra.

A host of global firms and government institutions have reported cybersecurity incidents linked to GoAnywhere MFT over the last few weeks.

Hitachi Energy, a unit of Japanese conglomerate Hitachi, said last week that a ransomware attack by the "CL0P" group on GoAnywhere could have resulted in unauthorized access to employee data in some countries.

Last month, Community Health Systems in a US exchange filing confirmed that the personal and medical information of about one million individuals may have been impacted due to a security breach experienced by Fortra.

Fortra did not immediately respond to a Reuters request for comment.

File-sharing software has historically been a target for cybercriminals. Back in 2021, vulnerabilities in the servers of California-based Accellion were exploited by the CL0P group, leading to data breaches in Morgan Stanley, Kroger, the Reserve Bank of New Zealand, and other high-profile institutions.

Rio Tinto has not said who is responsible for the latest cyber attacks.

Got a news tip for our journalists? Share it with us anonymously here.
Tags:
data breachrio tintosecurity

Sponsored Whitepapers

Creating the Sustainable IT Department
Creating the Sustainable IT Department
Modernize and innovate in a Multicloud operating model
Modernize and innovate in a Multicloud operating model
The Future Belongs to the Innovators
The Future Belongs to the Innovators
Manufacturers&#8217; Perspectives on Modernizing with Edge Computing and 5G eBook
Manufacturers’ Perspectives on Modernizing with Edge Computing and 5G eBook
State of Email Security Report 2023
State of Email Security Report 2023

Events

Most Read Articles

Impact of Latitude Financial cyber attack likely to spread

Impact of Latitude Financial cyber attack likely to spread
Gov flags possible tech sector liability for cyber security

Gov flags possible tech sector liability for cyber security
Latitude Financial warns of 'large-scale information theft'

Latitude Financial warns of 'large-scale information theft'
Medical research institute suffered November data breach

Medical research institute suffered November data breach

Digital Nation

Meta threatens to take news off its platform in the US. Yep, we're here again
Meta threatens to take news off its platform in the US. Yep, we're here again
Cover Story: The business of gaming will reshape marketing, technology
Cover Story: The business of gaming will reshape marketing, technology
Case study: How La Trobe University sets its data students up for success
Case study: How La Trobe University sets its data students up for success
Case study: Transurban uses automation to detect road incidents
Case study: Transurban uses automation to detect road incidents
Case Study: How HCF reengaged its customers through data and analytics
Case Study: How HCF reengaged its customers through data and analytics

Log In

  |  Forgot your password?