Sibanye-Stillwater hit with cyber-attack

Mining giant Sibanye-Stillwater has been hit with a cyber-attack involving all of its global IT systems.

In a SENS announcement released this morning, the miner informed shareholders that it had experienced a cyber-attack that was affecting its IT systems globally.

“As soon as the Company became aware of the incident, immediate containment measures were implemented in line with our Incident Response plan to proactively isolate IT systems and safeguard data,” the company said. 

“While the investigation into the incident is ongoing, there has been limited disruption to the group’s operations globally.”

Sibanye said it takes this incident seriously and is committed to addressing the cyber-attack. 

“Our efforts remain focused on working towards the full remediation of the effects of this attack,” it said. 

“We are voluntarily reporting this incident to the appropriate regulators and will provide further updates as necessary.”

Sibanye is the second large South African company to be hit with cyber-attacks so far this year.

In March this year, Nampak announced that it had detected unauthorised activity on its IT systems and made an initial notification to the Information Regulator.

According to the company, an unknown third party gained access to its IT systems, notwithstanding its “robust and embedded security protocols”. 

Nampak said it immediately took the necessary steps to contain, assess and remediate the incident. 

“Nampak is taking the necessary measures to determine the scope of the compromise, to restore the integrity of its information systems and to ensure that it is not exposed to further risk,” the company said. 

“The company has retained local and global cybersecurity and forensic experts to work with its capable in-house IT team to manage this process.”

Nampak has since switched over to its backup manual compensating controls and continues to function using these processes. 

“This breach has not affected the manufacturing facilities and operations which are functioning as normal, albeit with some manual operating systems where required,” the company said.

“The company will work with its suppliers and customers to ensure that the impact of the incident is contained and it is able to continue delivering products as required.”

This cyber-attack resulted in Nampak delaying the publication of its interim results.

“Following the Cyber Incident, the Company has taken a range of steps to restore the group’s information management and reporting systems,” the company said. 

“The group’s systems are up and running again, but given that the incident occurred shortly before the close of the interim period, further steps are being carried out to ensure that all financial information is complete and accurate.”

Department of Public Works and Infrastructure

Public Works and Infrastructure Minister Dean Macpherson

Not only private companies have been affected by cyber-attacks this year. The Department of Public Works and Infrastructure also recently announced that it has been subject to attacks that have led to the loss of R300 million over the past decade.

“I have decided to take the public into confidence and advise South Africa that at least R300 million has been stolen from the department in the last 10 years,” Public Works and Infrastructure Minister Dean Macpherson said.

The Minister added that it was an elaborate scheme by cyber-hackers that may have involved department officials.

He advised that this number could be higher as investigations into the incidents continue.

The latest episode took place in May 2024, when the cyber-attackers stole a further R24 million.

This prompted a full forensic investigation by the Hawks, the South African Police Services, the State Security Agency and ICT and cyber security experts.

“This revelation emerged as Minister Dean Macpherson and Deputy Minister Sihle Zikalala conducted detailed assessments on the department’s work and through the incoming briefings from department branches,” the department said in a media statement.

“It has become clear that the department has been a soft target and playground for cyber criminals for over a 10-year period, and this should have been picked up a lot earlier,” Macpherson said.