A cybercriminal group may have stolen the personal data of Rio Tinto Ltd’s former and current Australian employees, a staff memo says.
The group has possibly stolen payroll information, like payslips and overpayment letters, of a small number of employees from January 2023.
The mining giant said that the cybercriminal group has threatened to release the data onto the dark web.
The stolen data relates to an attack on GoAnywhere – a managed file transfer (MFT) software offered by U.S. cybersecurity firm Fortra.
Rio Tinto has not said who is responsible for the latest cyber-attacks.
