14 DAY TRIAL // Goldcorp, a leading gold producer based in Canada, acknowledged this week a data breach incident at the hands of unknown hackers, confirmed by DataBreaches.Net admin Dissent Doe for The Daily Dot.
Goldcorp Inc., is one of Canada's biggest mining corporations, with mining sites all over the Americas, from Canada to the US, and from Mexico to the Dominican Republic.
Hackers stole 14.8 GB of company data
Hackers breached Goldcorp's servers and siphoned off a large number of files, which they later uploaded online and announced the hack via a paste site. No other details about their hacking methods, the date of the server breach, or their identity were revealed.
The data dump includes files containing sensitive employee information, but also internal documents such as emails and reports that offered insight into the company's activities.
According to the hacker's statements and the content of the files, the following data has been confirmed as being present inside the data dump: T4 and W2 forms, payroll information, contracts with other companies, bank accounts, wire transfers, marketable securities, budget documents from 2012 - 2016, and treasury reports.
Further, the data dump also included employee network information, various types of logins/passwords, employee passport scans, employee progress reports, international business contact lists, IT procedures, VMWare recovery procedures, and data from the company's SAP accounts.
Goldcorp acknowledges the incident
Confronted with the data dump, Goldcorp took their time, but a few days later confirmed the breach to reporters.
A similar data breach happened to another Canadian mining firm in the summer of 2015. A Russian hacking group breached Detour Gold, and after the company had said it secured its server, the hackers came back and hacked the firm again.
In statements to reporters, the hackers also revealed that they are also preparing to release new files from Goldcorp servers.
UPDATE: The article was updated to reflect that Goldcorp never denied the hacking incident but only took more time to confirm the intrusion.
UPDATE 2: Shortly after our report went live, Bloomberg revealed that the hackers had tried to extort Goldcorp before dumping the data online.