Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Breaches

Ransomware Gang Leaks Data From Australian Mining Company

The BianLian ransomware gang has leaked data allegedly stolen from Australian mining company Northern Minerals.

Australian rare-earth metals producer Northern Minerals on Tuesday announced that it fell victim to a data breach after a ransomware group published information allegedly stolen from the mining company.

“Northern Minerals Limited advises that it has been the subject of a cyber security breach and was today advised by its cyber security consultant that some of the exfiltrated data has now been released on the dark web,” the company said in a statement (PDF).

The announcement was made shortly after the BianLian ransomware gang published on its Tor-based leak site multiple archives allegedly containing operational, human resources, management, project, and email data stolen from Northern Minerals.

According to the cybergang, the exfiltrated data includes project and mining research data, R&D and financial data, shareholder and investor information, the personal information of employees, and corporate email archives.

“The exfiltrated data included corporate, operational, and financial information and some details relating to current and former personnel and some shareholder information. The process of notifying relevant impacted individuals is underway and ongoing,” Northern Minerals confirmed in its statement.

The mining company revealed that the data breach was discovered in March 2024, when it notified the appropriate authorities and engaged legal, technical, and cybersecurity specialists.

“The breach has not had a material impact on the Company’s operations or broader systems. Since the breach, the Company has reviewed its processes and implemented actions to further strengthen its systems,” Northern Minerals said.

What the mining company did not say was whether it engaged in communication with the hackers, but the fact that the allegedly exfiltrated data was made public suggests that a ransom was not paid.

Advertisement. Scroll to continue reading.

SecurityWeek has emailed Northern Minerals for additional information on the data breach and will update this article as soon as a reply arrives.

The incident came to light just as Treasurer of Australia Jim Chalmers requested the removal of Chinese investment in Northern Minerals, but the breach is unlikely to have a geopolitical link.

As threat intelligence provider CyberKnow points out, the BianLian cybergang, which typically compromises organizations weeks or months before listing them on its leak site, is most likely financially motivated. Since the beginning of 2024, the group has listed nine mining companies on its website.

Chinese hackers, however, have targeted rare earth mining companies in Australia and North America as part of influence campaigns.

Related: Japan Aviation Electronics Targeted in Ransomware Attack

Related: Ransomware Attack Forces Canadian Mining Company to Shut Down Mill

Related: Outsmarting Ransomware’s New Playbook

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders.

Register

People on the Move

Gabriel Agboruche has been named Executive Director of OT and Cybersecurity at Jacobs.

Data security startup Reco adds Merritt Baer as CISO

Chris Pashley has been named CISO at Advanced Research Projects Agency for Health (ARPA-H).

More People On The Move

Expert Insights