Lone U.S. platinum and palladium mining firm Stillwater Mining Company had information from 7,258 employees confirmed to be compromised in a cyberattack in mid-June, which the RansomHub ransomware gang took responsibility for, according to The Record, a news site by cybersecurity firm Recorded Future.
While an investigation into the intrusion, which was only discovered on July 8, is still underway, Stillwater has disclosed in a filing with the Office of the Maine Attorney General that attackers were able to exfiltrate employees' names, contact details, Social Security numbers, passport numbers, tax ID numbers, government ID information, financial details, medical information, and birth certificates. Such a disclosure comes nearly a month after RansomHub threatened to expose data stolen from the mining company.
More than 210 organizations, including the City of Columbus in Ohio, Planned Parenthood of Montana, and Rite Aid, have already been compromised by the RansomHub operation since its emergence in February.
