Northern Minerals

Summary

Northern Minerals, an Australian rare earth mining company, disclosed on June 4, 2024 that it had fallen victim to a BianLian ransomware attack in late March 2024. The BianLian group published stolen data on their darknet leak site, including corporate, operational, and financial information.

Attack Vector

The BianLian ransomware gang breached Northern Minerals' systems in late March 2024 and exfiltrated corporate data before listing the company on their darknet leak site. The stolen data includes project and mining research data, R&D and financial data, shareholder and investor information, personal information of employees, and corporate email archives.

Consumer Impact

The breach exposed personal details of current and former personnel, shareholder information, and extensive corporate data. The incident occurred during a sensitive period when Australian Treasurer Jim Chalmers had ordered five China-linked investors to divest their shareholding in the company, raising additional security concerns about the strategic rare earth elements sector.

Response

Northern Minerals immediately notified external stakeholders including the Australian Cyber Security Centre and the Office of the Australian Information Commissioner. The company confirmed that the incident does not impact its mining or business operations, suggesting operational technology systems remained secure despite the data exfiltration from corporate networks.