.png?width=200&height=78&name=CH%20Diligence%20(thicker%20line).png "CH Diligence (thicker line).png")
Know Your Breach: Stillwater Mining Company
Sep 20, 2024 9:40:32 AM
The Target: Stillwater Mining Company, the owner of the only platinum and palladium mines in the U.S.
The Take: In addition to names and contact information, the hackers stole government ID information, passport numbers, Social Security numbers, tax ID numbers, birth certificates, financial information like bank account numbers and medical information like health plan numbers.
The Vector: Stillwater Mining Company told regulators that hackers breached company systems in the middle of June but the incident was only discovered on July 8. The investigation into the attack is ongoing, but the mining company said it was able to confirm the data breach on August 19.
This breach highlights the extreme importance of timely software updates for known software vulnerabilities, not only in systems directly under a firm’s control, but in third-party systems the firm relies upon as well. The longer a firm, or its vendors, hold out on deploying the most up-to-date software for their systems, the greater the chance an attacker will exploit the issue.
