Hackers Target Rio Tinto By Exploiting Software Vulnerability, Gain Access To Employee Info

  • A cybercriminal group could have stolen the personal data of Anglo-Australian mining firm Rio Tinto Plc's RIO former and current Australian employees.
  • The group may have seized payroll information, like payslips and overpayment letters, of a few employees from January 2023, Reuters reports citing an internal memo.
  • The cybercriminal group threatened to release the data onto the dark web while investigations into the incident are ongoing.
  • The stolen data relates to an attack on U.S. cybersecurity firm Fortra's managed file transfer (MFT) software GoAnywhere.
  • Many global firms and government institutions, including Hitachi Ltd HTHIY Hitachi Energy, and Community Health Systems, Inc CYH, have notified cybersecurity incidents linked to GoAnywhere MFT over the last few weeks.
  • File-sharing software has historically been a target for cybercriminals. Back in 2021, the CL0P group exploited vulnerabilities in the servers of Accellion, leading to data breaches in Morgan Stanley MSKroger Co KR, the Reserve Bank of New Zealand, and other high-profile institutions.
  • Price Action: RIO shares traded higher by 0.93% at $65.66 on the last check Thursday.
Market News and Data brought to you by Benzinga APIs
Posted In: NewsPenny StocksSmall CapMediaBriefs
Benzinga simplifies the market for smarter investing

Trade confidently with insights and alerts from analyst ratings, free reports and breaking news that affects the stocks you care about.

Join Now: Free!