UPDATED 19:34 EST / APRIL 27 2016

NEWS

Goldcorp gets mined in massive data breach

A group of hackers think they may have struck gold when they went after Goldcorp, a gold-mining firm in Vancouver. The metaphorical riches plundered come in the form of company and employee information, making up around 14.8 GB worth of data, including banking information, payroll information, and even employee passport scans.

The Daily Dot reports the document of stolen data, posted to a public paste site, contains information confirmed to belong to current Goldcorp employees.

This includes T4 and W2 forms, among other payroll information, which can be used for tax theft, as well as bank accounts, wire transfers, and marketable securities, which can be used to help access or steal from bank accounts. The document’s budget documents, contract agreements, treasury reports, and progress reports could all be used for insider trading, while the employee passports could help with identity theft. All in all, there’s a wide range of damages that could be inflicted with all the stolen information.

Just the Beginning

This is apparently the first of many data dumps, or so the hackers claim, stating that over a year’s worth of company emails will be revealed in the next one. In said emails, they claim one can find “some good old fashion corporate racism, sexism, and greed.” However, the hackers’ motivations are unknown, as are their methods for stealing the data.

Goldcorp is aware of the breach, and has issued a statement explaining that its network has been compromised. The company has alerted the authorities and is working with independent IT security firms to resolve the situation and improve the IT processes and network security protocols to prevent a similar attack from taking place.

Response and Damage Control

Following a breach of this size, a proper response is essential. Michael Bruemmer, Vice President of Experian Data Breach Resolution, offers a checklist of what to do in the “Data Breach Response Guide:” record all dates and times, alert and activate the response team, preserve evidence, stop additional data loss, document everything, interview those involved, review the protocols for breaches, assess risks and priorities, bring in a forensics firm, and notify law enforcement.

“Resolving a data breach requires a coordinated effort between your response team members, executives, external resources, law enforcement, forensic firm and data breach resolution vendor. Staying organized and documenting every step and decision should be a top priority. Act quickly to minimize the damage but don’t lose sight of your priorities or of the needs of affected individuals.”

This is a big blow to Goldcorp, with the potential to inflict a lot of damage. A fast response is essential to protect both the company and its employees, but there is already much recovery work to be done.

Photo by AJC ajcann.wordpress.com


A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU