Sibanye-Stillwater, one of the world’s largest makers of precious metals, recently experienced a cyberattack that disrupted its IT ops. The breach started on Monday, July 8th, but was managed by isolating the affected systems. Despite the mishap, the company’s core mining and processing activities continued unimpeded.
James Wellsted, a company spokesperson, said the response to the threat involved isolating the IT systems to prevent further damage and secure data. Although the attack brought down servers and disrupted systems globally, there has been no demand for ransom. The identity of the perpetrators remains unknown.
The firm enlisted external cybersecurity experts to assist in identifying the breach and restoring the affected systems. The company’s proactive measures and adherence to its incident response plan were pivotal to minimising impact.
Headquartered in Joburg, Sibanye-Stillwater is a major player in the global precious metals market. Originally formed in 2012 through the unbundling of Gold Fields Limited’s South African mining assets, the company has expanded its portfolio to have prints in the United States, Finland, France, and Australia.
In Africa, it is the fourth-largest mining company according to market cap, with $3.7 billion. For context, Gold Fields comes top, having $12.5 billion publicly traded stock shares.
This adds to the rising count of South African entities that have seen cyber attackers come for their data. High-profile organisations across various sectors have been recently targeted. In March 2024, Nampak, a leading packaging company, experienced a compromise that forced it to switch to manual operations. The infiltration delayed the release of its interim results by a month.
Similarly, in July 2024, Standard Bank customers’ accounts were vaguely flagged for fraudulent activities. The bank denied the allegations of a data breach, attributing the problem to a spike in month-end transactions that overwhelmed its call center operations.
Even government institutions are not immune. The National Health Laboratory Service (NHLS) had to shut down its IT systems less than a fortnight ago following a ransomware hit from the BlackSuit hacking group. A month prior, LockBit, another ransomware gang, claimed it had stolen 66 GB worth of data from the country’s pension agency, and dumped it online.
The Department of Justice and Constitutional Development (DJ&CD), in March, suffered a cyber incident that affected its child maintenance payments. The same month, the country’s business registry, the Companies and Intellectual Property Commission (CIPC), had a similar experience.
What’s more, new data from Dean Macpherson, the new minister of public works and infrastructure, show that South Africa’s Department of Public Works has forfeited over $6 million to cyber attacks in the last decade.