Hackers Target Rio Tinto By Exploiting Software Vulnerability, Gain Access To Employee Info - Rio Tinto (

A cybercriminal group could have stolen the personal data of Anglo-Australian mining firm Rio Tinto Plc's (NYSE:RIO) former and current Australian employees.
The group may have seized payroll information, like payslips and overpayment letters, of a few employees from January 2023, Reuters reports citing an internal memo.
The cybercriminal group threatened to release the data onto the dark web while investigations into the incident are ongoing.
The stolen data relates to an attack on U.S. cybersecurity firm Fortra's managed file transfer (MFT) software GoAnywhere.
Many global firms and government institutions, including Hitachi Ltd (OTC: HTHIY) Hitachi Energy, and Community Health Systems, Inc (NYSE: CYH), have notified cybersecurity incidents linked to GoAnywhere MFT over the last few weeks.
File-sharing software has historically been a target for cybercriminals. Back in 2021, the CL0P group exploited vulnerabilities in the servers of Accellion, leading to data breaches in Morgan Stanley (NYSE:MS), Kroger Co (NYSE:KR), the Reserve Bank of New Zealand, and other high-profile institutions.
Price Action: RIO shares traded higher by 0.93% at $65.66 on the last check Thursday.

To add Benzinga News as your preferred source on Google, click here.