Ransomware strikes Australian mining giant

Cyber insurers and brokers have another example to send to clients

Ransomware strikes Australian mining giant

Cyber

By Roxanne Libatique

Australian gold mining company Evolution Mining Limited (Evolution Mining) has reported that its IT systems were affected by a ransomware attack in yet another incident that insurers and brokers may wish to highlight with their clients to emphasise the financial security offered by cyber insurance.

Evolution Mining cyberattack response

Evolution Mining said it is collaborating with external cyber forensic experts to investigate and address the incident. Initial assessments indicate that the situation is under control.

The company emphasised that it has taken steps to protect the health, safety, and privacy of its personnel, as well as the integrity of its systems and data. It does not expect the breach to have a substantial impact on its operations.

The Australian Cyber Security Centre (ACSC) has also been notified of the attack.

Early Settler data breach

Earlier this month, furniture retailer Early Settler confirmed a data breach that resulted in the exposure of customer names and contact details on a hacking forum.

The breach was first revealed on August 3, 2024, when a forum user claimed to have obtained data from 1.1 million customers.

Early Settler said the compromised data originated from an archived database dating back to July 2022. The information included names, phone numbers, email addresses, and delivery addresses, but no payment details were compromised, as the company does not retain credit or bank card information.

The company is working with authorities, including the ACSC and the Office of the Australian Information Commissioner (OAIC). In response to the breach, Early Settler is also conducting a review of its security systems.

Rising data breaches in Australia

These incidents have occurred amid a significant rise in data breaches across Australia.

Cybersecurity firm Surfshark reported that 1.8 million user accounts were compromised in the first quarter of 2024 (Q1 2024), reflecting a 388% increase from the previous quarter.

Australia is now ranked as the 15th most affected country globally, with an estimated 140 million accounts breached since 2004, according to Surfshark. Additionally, it has been named among the top 10 sources of phishing attacks, according to the 2024 Phishing Report by cloud security firm Zscaler’s embedded research team.

Surfshark’s analysis revealed that 416 million personal records have been exposed in Australia, including 97 million passwords, highlighting the increasing vulnerability of both individuals and businesses to cyber threats.

Deepfake technology emerging as a new threat

A separate report from compliance platform ISMS.online highlighted that nearly 24% of Australian businesses experienced incidents involving deepfake technology over the past year.

These incidents, which use synthetic media to mimic the voices and appearances of company executives, have raised concerns, especially in industries such as finance, healthcare, and technology.

Australian organisations boost cybersecurity defences

In response to the growing cybersecurity challenges, Australian organisations are focusing on enhancing their defences.

The government’s Cybersecurity Action Strategy, along with updated guidance from the Australian Prudential Regulation Authority (APRA), underscores the national effort to bolster cybersecurity measures across various sectors.

Related Stories

Keep up with the latest news and events

Join our mailing list, it’s free!