Sibanye-Stillwater, a mining company and the operator of the only platinum and palladium mines in the U.S., has confirmed a data breach of its systems which has impacted thousands of its employees. The firm suffered a cyberattack which was discovered in July, 2024, though the attack took place in June.
The StillWater data breach has compromised sensitive personal information belonging to 7,258 employees, the company stated. The stolen data includes a wide range of personal details: names, contact information, government IDs, Social Security numbers, passport numbers, tax IDs, financial details like bank accounts, and even medical information such as health plan numbers.
StillWater Data Breach Investigation Details
Sibanye-Stillwater shared that the cyberattack in July resulted in operational disturbances across its global IT systems. The attack affected the company’s servers and caused widespread disruptions. However, core mining and processing activities largely continued unaffected.
The Johannesburg-headquartered firm, known for its operations in precious metals like platinum and gold in South Africa, also operates internationally, including a palladium mine in the U.S. and projects in Finland, France, and Australia involving lithium, nickel, and zinc.
In its mandatory disclosure to the Maine Attorney General, StillWater Mining said that it launched a thorough investigation by external cybersecurity experts and confirmed the data breach on August 19. The firm reported that it was actively collaborating with law enforcement to identify and hold the perpetrators accountable. They’ve also taken steps to bolster their cybersecurity measures, including implementing real-time monitoring and endpoint detection systems.
The hacking group RansomHouse claimed responsibility for the cyberattack on StillWater in late July and allegedly leaked the stolen data in mid-August. The hackers claimed to have exfiltrated 1.2 TB of data from StillWater. RansomHouse emerged in March 2022 and is labelled as a multi-pronged extortion threat.
On September 7, Stillwater Mining began notifying affected employees electronically. To mitigate potential identity theft risks, the company has offered free identity and credit monitoring services through Experian’s IdentityWorks for a period of 24 months.
The breach notification also revealed that two Maine residents were affected. The company has urged the affected employees to activate their complimentary 24-month membership to Experian’s IdentityWorks, which offers identity theft detection, resolution, and credit monitoring. Employees have until December 31, 2024, to activate these services.
Data Breach Notification Amidst Layoffs
This data breach comes amidst significant challenges for Stillwater Mining. Last week, the company laid off approximately 700 workers from its Montana operations.
They attributed these layoffs to Russia flooding the U.S. market with cheaper palladium, drastically impacting prices. The price of palladium has plummeted from $2,300 per ounce two years ago to under $1,000 currently, forcing cost-cutting measures at Stillwater Mining, the company said in a letter to its employees.
U.S. Senator Jon Tester expressed his disappointment with the situation, highlighting that the layoffs were a direct consequence of Russia’s market manipulation. While the U.S. has imposed sanctions on Russian imports since the Ukraine invasion, palladium remains an exception. This has destabilized the market, negatively impacting American companies like Stillwater Mining.
Despite these challenges, Sibanye-Stillwater, reported revenue of $2.9 billion in the last quarter. The firm, listed on both the Johannesburg Stock Exchange (JSE: SSW) and the New York Stock Exchange (NYSE: SBSW), is a prominent player in the global mining and metals processing industry, specializing in platinum group metals (PGMs) and gold production.
The company has also expanded its operations into battery metals mining and recycling, emphasizing its commitment to sustainability and operational resilience.
As Stillwater Mining continues to recover from both the breach and market instability, employees and law enforcement are closely monitoring the situation to minimize any further damage.