Australian Mining Cyber Incident, 18 July 2023

Iron ore giant Fortescue Metals targeted by Russian ransomware group

Australian mining company confirms hack occurred on 28 May but data disclosed ‘was not confidential in nature’

Source: Incident: Fortescue Metals admits it suffered breach, Cl0p claims credit | iTWire

View more incidents from Mining and Resources sector and incidents relating to Third-Party Risk

Australian firm Fortescue Metals Group, one of the world’s largest and lowest cost producers of iron ore which is transitioning into a global green energy and metals company, has been hit by a data breach with the ransomware group Cl0p claiming it was behind the intrusion.

Cl0p on its site on the dark web, the ransomware group listed the fact that it had effected a breach of the firm, commenting “The company doesn’t care about its customers, it ignored their security!!!” – SK: I guess they refused to pay the ransom.

A Fortescue spokesperson: “We take the protection of our employees’ personal information seriously and we have strong measures in place to safeguard our business from potential cyber threats.

“Despite these efforts, Fortescue was subject to a low-impact cyber incident on 28 May which resulted in the disclosure of a small portion of data from our networks.

“Importantly, our investigations showed that this information was not confidential in nature.

“We notified the Australian Cyber Security Centre of the incident, and our internal investigation and remediation actions are now complete.”

Cl0P did not provide any further details about the quantum of data stolen, if any.

It is unclear whether Cl0p attacked Fortescue through the secure managed file transfer software MOVEit Transfer or through some other vector.