There is a danger to the Golden Mountains.
The largest gold mining company in Canada, Barrick Gold Corp., was the target of a sizable data theft carried out by the mysterious cybercriminal organisation Clop. Around the world, the incident had an impact on nearly 20 million people and hundreds of corporations.
As it turned out, Barrick Gold Corp. is one of at least 376 businesses that Clop reported. Financial institutions, healthcare providers, US government agencies, and Canadian local governments are among the victims.
The Clop group, active at least since 2020, has historically used software to encrypt business or personal files before requesting a ransom to unlock the data. The most recent incident, which happened at the end of May, is connected to the massive data theft from the MOVEit file sharing system, which is owned by the Massachusetts-based Progress Software Corp. The issue was a "zero-day" software vulnerability for which there was no patch available at the time.
The names of the businesses impacted by Clop's actions are made public in obscure online forums. The group's strategy is to either sell the data to a third party or demand a ransom in exchange for the data's secrecy. The group is infamous for its brazenness, criticising victim companies for having inadequate cyber defences.
Without identifying the data that was stolen or even confirming that an attack had occurred, Barrick withheld information about the attack's consequences. In a letter, Barrick spokeswoman Cathy du Plessis stated, "Unfortunately, we do not comment on issues related to cybersecurity.