SIBANYE-Stillwater yesterday said it would delay by two weeks the release of its half-year financial results after a cyberattack on its IT system earlier this month caused limited disruption to its global operations.
The diversified mining company said that as a result, the publication of its operating and financial results for the period ended June 30, 2024, would be delayed, and the announcement and presentation had been rescheduled to Thursday, September 12, 2024.
On July 11, Sibanye became the latest victim of cyber criminals after its IT systems were affected globally and it was yet to determine what sort of breach occurred and had brought in external cyber experts to assist.
Sibanye said although the cyber attack had had a limited impact on its core operations, it caused temporary system outages which resulted in the implementation of back-up manual processes on certain systems at the operations.
The Johannesburg-based precious metals miner said due to the cyberattack, which remained under investigation, it further enhanced its IT security and implemented a phased system start-up approach to ensure the protection of its environment, enabling mining and extraction operations to continue globally with minimal disruption.
It said the Columbus metallurgical complex at the US PGM operations had, however, experienced some short-term operational delays due to IT outages affecting the smelting of underground concentrate and the recycling of spent autocatalysts, but was expected to quickly resume full operations, with accumulated stockpiles expected to be processed in due course.
Sibanye-Stillwater, which has operations on five continents and mines, among others in platinum, palladium, rhodium and gold, said yesterday it had contained its systems and was bringing them back up slowly in a controlled environment.
Sibanye’s CEO, Neal Froneman, said they had prioritised the health and safety of the group’s employees as they had worked diligently to remediate the effects of the attack and normalise operations.
“We are pleased to have largely secured the sustainability and integrity of our systems and continue to work closely with our customers and suppliers to mitigate any potential business interruptions that may occur in the short term,” Froneman said.
“We wish to thank all our partners and advisers for their commitment and combined efforts, which have contributed to this outcome.”
When Sibanye’ cyberattack was reported, ICT veteran commentator Adrian Schofield told Business Report it was no surprise that an international company based in South Africa had become a victim.
Although there were currently minimal details, he postulated that the motivation for the cyberattack could include aspects such as gathering personal data to commit further fraud such as ID theft.
He also did not rule out corporate espionage related to Sibanye-Stillwater’s mining operations, and potentially sensitive information that could be used to manipulate its share price, ransomware with the threat of leaking information should money not be paid over or hackers simply doing it because they can.
“Given the prevalence of cyberattacks across the world, it is not necessarily the case that South Africa is particularly vulnerable,” said Schofield.
“Our networks are world class, and we have highly qualified and experienced executives responsible for ICT operations in our major enterprises. There is no doubt that the basic rules and fundamental technologies are in place to protect these companies and other institutions.”
BUSINESS REPORT