{"id":599607,"date":"2025-06-21T10:00:00","date_gmt":"2025-06-21T08:00:00","guid":{"rendered":"https:\/\/mybroadband.co.za\/news\/?p=599607"},"modified":"2025-06-21T10:03:44","modified_gmt":"2025-06-21T08:03:44","slug":"prominent-south-african-company-hit-by-cyberattack","status":"publish","type":"post","link":"https:\/\/mybroadband.co.za\/news\/security\/599607-prominent-south-african-company-hit-by-cyberattack.html","title":{"rendered":"Prominent South African company hit by cyberattack"},"content":{"rendered":"\n

Eastern Platinum (Eastplats) experienced a data breach, which saw specific files related to its internal affairs released on a restricted part of the internet.<\/p>\n\n\n\n

Eastplats is a platinum group metals (PGM) and chrome producer with assets located along South Africa\u2019s Bushveld Complex, the world\u2019s largest known PGM resource.<\/p>\n\n\n\n

The company announced on 17 June 2025 that it experienced a cybersecurity incident on 27 May 2025, which affected its internal IT systems.<\/p>\n\n\n\n

\u201cUpon detection, Eastplats took immediate containment measures to protect its network and data,\u201d the company said.<\/p>\n\n\n\n

\u201cEastplats has since been working with cybersecurity experts to thoroughly investigate the incident\u2019s scope and undertake necessary remedial action.\u201d<\/p>\n\n\n\n

Eastplats said its business operations have continued without disruption. However, certain files related to its internal affairs were disclosed without authorisation by third parties on a restricted part of the internet. <\/p>\n\n\n\n

The company is actively reviewing these files to ensure ongoing compliance with its legal obligations and to safeguard its commercial interests.<\/p>\n\n\n\n

\u201cEastplats\u2019 priorities include the protection and continuous enhancement of its data security and Systems,\u201d it said. <\/p>\n\n\n\n

\u201cThis incident has been reported to the appropriate authorities, and Eastplats is committed to maintaining the trust and confidence of its stakeholders.\u201d<\/p>\n\n\n\n

Eastplats\u2019 cybersecurity breach is the latest in a series of cyberattacks on South African companies over the past few years.<\/p>\n\n\n\n

Across 2024 and 2025, several prominent South African companies have informed the market of cybersecurity breaches of their systems.<\/p>\n\n\n\n

This has included Nampak, Sibanye-Stillwater, Astral Foods, Cell C, and South African Airways.<\/p>\n\n\n\n

These attacks come as experts increasingly warn of the dangers cyberattacks present, especially for companies.<\/p>\n\n\n\n

The Allianz Risk Barometer for 2025 found that cybercrime has become the biggest threat to businesses worldwide, including South Africa.<\/p>\n\n\n\n

The report explained that cyber incidents, including ransomware attacks, data breaches, and IT outages, are now the top global business risk, marking their fourth consecutive year at the top. <\/p>\n\n\n\n

Cybersecurity risks<\/h2>\n\n\n\n
\"\"<\/figure>\n\n\n\n

The Allianz Risk Barometer for 2025 explained that, a decade ago, only 12% of global respondents cited cyber as a major concern. In 2025, that number surged to 38%.<\/p>\n\n\n\n

\u201cCyber is the top risk across North and South America, Europe, and Africa, dominating industry concerns from aviation to legal services,\u201d Allianz said. <\/p>\n\n\n\n

\u201cMore importantly, it now ranks as the number one risk in South Africa, overtaking long-standing issues like load-shedding and political instability.\u201d<\/p>\n\n\n\n

Allianz explained that this concern is not just theoretical, citing two recent, high-profile cyberattacks on two major South African organisations \u2014 Cell C and the South African Bureau of Standards (SABS).\u00a0<\/p>\n\n\n\n

\u201cBoth incidents have raised serious questions about compliance, cybersecurity readiness, and whether these attacks could have been prevented,\u201d it said.<\/p>\n\n\n\n

The World Wide Industrial & Systems Engineers\u2019 lead ISO specialist, Herman Stroop, said both attacks were entirely preventable.<\/p>\n\n\n\n

He said one key challenge in South Africa is poor enforcement of existing regulations, including the Protection of Personal Information Act (POPIA) and Minimum Information Security Standards.<\/p>\n\n\n\n

These regulations lay out clear expectations for information governance, yet Stroop said many organisations either ignore or delay compliance due to a perceived lack of consequences.<\/p>\n\n\n\n

\u201cThe irony is that prevention is far cheaper than remediation,\u201d he said. Following a cyberattack, organisations often suffer reputational damage, legal liability, and operational downtime.<\/p>\n\n\n\n

Stroop said these consequences far exceed the cost of implementing an ISO-compliant Information Security Management System.<\/p>\n\n\n\n

In addition, Stroop called for greater transparency from companies after they suffer a data breach.<\/p>\n\n\n\n

\u201cDetails about the nature of the attacks and how they were handled remain vague,\u201d he said. <\/p>\n\n\n\n

\u201cWhen an organisation isn\u2019t ISO-certified, it usually doesn\u2019t have the documentation, procedures or incident response plans to respond properly \u2013 let alone communicate clearly \u2013 during a breach.\u201d<\/p>\n\n\n\n

The Information Regulator previously reported that South Africa sees between 150 and 300 cyberattacks each month \u2014 and that\u2019s just the reported incidents.\u00a0<\/p>\n\n\n\n

Many incidents go unreported due to reputational fears or because organisations are not compliant with POPIA and fear investigation.<\/p>\n\n\n\n

\n\n\n\n

This article was first published by Daily Investor<\/a> and is reproduced with permission.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"

Eastern Platinum experienced a cybersecurity incident on 27 May 2025, leading to the unauthorised release of internal files on a restricted part of the internet.<\/p>\n","protected":false},"author":341123,"featured_media":599608,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[80335,27],"tags":[99653,99654,73388,355,100262,47502,31710,68498,100263,7351,23521],"class_list":["post-599607","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-investing","category-security","tag-allianz","tag-allianz-risk-barometer","tag-astral-foods","tag-cell-c","tag-eastern-platinum","tag-information-regulator","tag-nampak","tag-protection-of-personal-information-act-popia","tag-sibanye-stillwater-2","tag-south-african-airways","tag-south-african-bureau-of-standards-sabs"],"_links":{"self":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/599607"}],"collection":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/users\/341123"}],"replies":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/comments?post=599607"}],"version-history":[{"count":1,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/599607\/revisions"}],"predecessor-version":[{"id":599610,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/599607\/revisions\/599610"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media\/599608"}],"wp:attachment":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media?parent=599607"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/categories?post=599607"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/tags?post=599607"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}