Johannesburg Stock Exchange listed company, Sibanye-Stillwater, is another addition to the growing ranks of cyber attack victims.

The multi-national mining and metals group joins the Department of Health’s National Health Laboratory Service (NHLS) and the Department of Public Works and Infrastructure (DPWI) as the most recent large entities to make known cyber-attacks. The NHLS attack, attributed to a group calling itself BlackSuit, could have fatal outcomes as it affects delivery of medical data.

In a statement on 11 July, Sibanye-Stillwater said it had experienced a cyber-attack affecting its IT systems globally.

“As soon as the company became aware of the incident, immediate containment measures were implemented in line with our incident response plan, to proactively isolate IT systems and safeguard data.”

According to the company, while the investigation into the incident is ongoing, there has been limited disruption to group operations.

“Sibanye-Stillwater takes this incident seriously and is committed to addressing the cyber-attack. Our efforts remain focused on working towards the full remediation of the effects of this attack. We are voluntarily reporting this incident to the appropriate regulators and will provide further updates as necessary,” the company said.

Other large companies to have been targeted by cyber attackers in South Africa include TransUnion, Dis-Chem, Experian and the Legal Practitioners Fidelity Fund.

Cyber security company and VPN provider Surfshark said South Africa’s cyber crime density – the percentage of cyber crime victims among a specific number of internet users –placed the country in fifth position globally.

ITWeb reported that in the 2022 financial year (February 2023), the Information Regulator received 500 notifications of data breaches or security incidents. In the 2023 financial year (February 2024), the number spiked to over 1 700 reported security compromises.