The largest gold mining company in Canada, Barrick Gold Corp., has fallen victim to a large-scale data theft orchestrated by a shadow cybercriminal group known as Clop. This incident has affected hundreds of corporations and nearly 20 million individuals worldwide.
According to reports, at least 376 organizations, including financial institutions, medical organizations, and government bodies in the United States and Canada, have reported being targeted by Clop. The group, operating since at least 2020, typically employs encryption software to hold company or individual files hostage, demanding a ransom for the decryption key. However, the most recent attack, which occurred in late May, involved a massive data breach from Progress Software Corp.’s Moveit file exchange system based in Massachusetts. The exploit took advantage of a “zero-day” vulnerability in the software, for which there was no available fix at that time.
Clop publicly discloses the names of the companies it targets on dark web platforms. Their modus operandi involves demanding payment in exchange for not disclosing or selling the stolen data to third parties. The group is notorious for shaming their victims for having weak cybersecurity measures in place.
Barrick Gold Corp. has chosen not to disclose the full extent of the attack, including the nature of the data stolen, and has not even confirmed the occurrence of the attack itself. In a statement, Barrick’s press secretary Katie Du Plessis simply wrote, “Unfortunately, we do not comment on cybersecurity matters.”