Australian gold mining firm Evolution Mining has announced on Monday that it became aware on 8 August 2024 of a ransomware attack impacting its IT systems, and has been working with its external cyber forensic experts to investigate the incident.
“Based on work to date, the Company believes the incident is now contained,” Evolution Mining said. “The Company does not anticipate any material impact on operations.”
There has been no mention of data stolen before ransomware was deployed, and the company did not explain why it believes its operations – several gold mines in Australia and one in Canada – won’t be affected by the attack.
“The incident has been proactively managed with a focus on protecting the health, safety and privacy of people, together with the Company’s systems and data,” the company added.
Australian mining companies under attack
Evolution Mining is not the first Australian mining company to be targeted by a ransomware/cyber extortion gang.
In June 2024, Northern Minerals Limited confirmed that it had been breached by attackers who managed to exfiltrate “corporate, operational and financial information and some details relating to current and former personnel and some shareholder information.”
“With consideration to the official government stance, and the specific circumstances of this incident, the Company refused to pay the ransom demanded by the cyber criminals,” Northern Minerals said in its June 2024 Quarterly Activities Report, and noted that it has reviewed relevant processes and implemented additional measures to strengthen its systems.
The BianLian ransomware group, which perpetrated the attack, retaliated by publishing the stolen data on the dark web.
No known ransomware group has claimed the Evolution Mining attack, yet.
As Northern Minerals before it, Evolution Mining has notified the Australian Cyber Security Centre (ACSC) of the incident.