Stolen Rio Tinto employee data from cyber-attack uploaded on dark web: reports

Compromised data said to include payroll information

Stolen Rio Tinto employee data from cyber-attack uploaded on dark web: reports

Employee data that was stolen from a cyber-attack against Rio Tinto have been uploaded on the dark web, according to reports.

Information Age reported on Tuesday that the uploaded information includes sample data on Rio Tinto's payroll information, employee overpayment summaries, and child support materials.

Personal details such as first names, last names, and addresses also appeared on the sample of allegedly leaked data, according to the report.

The files were uploaded on the dark web page of ransom group Cl0p, which claims responsibility for the alleged data hack.

Rio Tinto has already confirmed that stolen employee data have been uploaded on the dark web, ABC News reported.

GoAnywhere Cyber-attack

Reports of the stolen files first emerged in late March, after a cyber-attack on GoAnywhere, a file transfer software offered by cybersecurity firm Fortra to Rio Tinto.

Personal data of Rio Tinto's former and current employees may have been stolen, according to a previous Rio Tinto memo seen by ABC News.

Payroll information, such as pay slips and overpayment letters, of several employees from January 2023 have been taken by the group, the memo also said.

There has been a recent string of cyber-attacks on major firms, such as The Guardian and Medibank. A survey from property experts InfoTrack also found that 16% of legal firms have fallen victim to cyber-crime.

To address the problem, the government has introduced legislation that will crackdown on organisations that fail to protect sensitive information. More than half of employers (55%) in a ELMO's HR Industry Benchmark Report also said they are placing high priority on the security of employee data.

Tasmanian government investigation

Another entity potentially affected by the cyber-attack is the Tasmanian government, whose agencies also use GoAnywhere.

On Wednesday, Technology Minister Madeleine Ogilvie said financial data from the Department for Education, Children and Young People may have been compromised. The information includes names, addresses, invoices, and bank account numbers, according to Ogilvie.

"I stress there is no confirmation such information has been stolen, and reiterate that no Tasmanian government IT systems have been hacked," the minister said in a statement.

According to Ogilvie, the government will "closely monitor and investigate the situation."

"We will act immediately if there are any updates," the minister said.