Sibanye-Stillwater, a leading South African mining company, has announced a delay in releasing its operating and financial results for the period ending June 30, 2024. This postponement comes in the wake of a recent cyberattack that severely disrupted the company’s IT systems. The attack, which took place on July 11, brought down the company’s servers and affected various aspects of its global operations. An investigation into the incident is ongoing.
The company has taken immediate steps to bolster its IT security. To ensure the continuity of its mining operations worldwide, Sibanye-Stillwater has implemented a phased system start-up approach. This strategy aims to minimize disruption while prioritizing the health and safety of its employees.
CEO Neal Froneman stated in a news release that the company has focused on mitigating the effects of the cyberattack and normalizing operations. “We have prioritized the health and safety of our employees as we have worked diligently to remediate the effects of the attack and normalize our operations,” Froneman said.
He also expressed confidence in the company’s efforts to secure its systems and maintain business continuity. “We are pleased to have largely secured the sustainability and integrity of our systems and continue to work closely with our customers and suppliers to mitigate any potential business interruptions that may occur in the short term,” he added.
Despite the company’s swift response, the cyberattack did cause some operational delays. The most significant impact was on the US-based platinum group metals operation. IT outages affected the smelting of underground concentrate and the recycling of spent autocatalysts. However, these operations are expected to resume fully soon, with accumulated stockpiles slated for processing in due course.
Although the core operations of Sibanye-Stillwater were not heavily impacted, the temporary system outages necessitated the implementation of backup manual processes in certain areas. These systems are now mostly restored, but the company has rescheduled the publication of its second-quarter and first-half results to September 12.
The delay in releasing the financial results underscores the broader issue of cybersecurity in the mining industry. With increasing reliance on digital systems, mining companies are becoming more vulnerable to cyber threats. Sibanye-Stillwater’s experience highlights the importance of robust IT security measures and the need for ongoing vigilance in protecting critical infrastructure.
The cyberattack on Sibanye-Stillwater began with a breach that allowed unauthorized access to the company’s servers. Once inside, the attackers deployed malware that disrupted various IT systems. The company’s immediate response involved isolating affected systems to prevent further spread of the malware. This containment strategy was crucial in minimizing the overall impact of the attack.
In the days following the breach, Sibanye-Stillwater’s IT team worked around the clock to restore services. This involved rebuilding affected servers, restoring data from backups, and strengthening security protocols to prevent future breaches. The phased system start-up approach allowed the company to gradually bring systems back online while ensuring that security measures were in place.
The company’s decision to delay its financial results reflects a commitment to transparency and accuracy. By postponing the release, Sibanye-Stillwater aims to ensure that its financial statements accurately reflect the state of its operations post-attack. This approach allows the company to provide stakeholders with a clear and comprehensive view of its performance.