Australian iron ore miner Fortescue Metals faced a cyber-attack, and the Russian ransomware group Cl0p claimed responsibility, asserting the theft of data.
Fortescue confirmed the incident as a “low-impact cyber incident” that occurred on May 28. While the disclosed information was not confidential, it resulted in the exposure of a small portion of data from their networks.
Fortescue Metals, the fourth-largest iron ore exporter globally with a market capitalization of nearly $70 billion, notified the Australian Cyber Security Centre about the hack and completed their internal investigation and remediation actions.
However, the veracity of Cl0p’s claim about the hack’s nature remains uncertain. Cl0p, known for its financial motivation in cyber-attacks and indifference towards politics, has reported more than 100 companies globally as victims of its ransomware activities.
Although Cl0p has not leaked any Fortescue documents or data yet, the mining giant has an opportunity to negotiate over a potential ransom. Prior to this cyber incident, Fortescue Metals cleared its executive chair, Andrew Forrest, of any wrongdoing following an anonymous allegation about his relationship with an employee. The allegation was unsubstantiated. Additionally, Andrew Forrest and his wife, Nicola, announced their separation after 31 years of marriage.
Cl0p remains one of the most active and aggressive ransomware groups, causing significant concern for many large corporations, including Fortescue Metals.