Goldcorp, a Canadian gold-mining company, suffered a data breach after attackers released information this week.
Attackers released internal data about the Vancouver, British Columbia-based company and its employees Tuesday, and said in a post they will publish “14 months of company wide emails, emails containing some good old fashion corporate racism, sexism, and greed.”
The first batch of stolen data – 14.8 GB in all – ended up posted on a public paste site, and includes: Employee correspondence, payroll information, bank account and current budget information, a list of the company’s contacts all over the world, personal information about employees (names, job titles, mobile phone numbers, email addresses, passport scans), network information (including employee passwords), and documents defining various procedures (e.g. IT and disaster recovery procedures).
The online publication Daily Dot said in a report the data seems accurate. They informed Goldcorp about the leak, and the company confirmed they suffered the attack.
The Daily Dot received a tip from the hackers on Tuesday afternoon about the breach. After reviewing the sample data, the publication contacted Goldcorp via email and by phone to alert them to the claimed hack. An employee of the company said they were already aware of the situation.
Goldcorp called in independent IT security firms to work with their own internal IT security team in order to discover the scope and impact of the network compromise, so they remediate the problem and protect their employees.