Stillwater Mining Data Breach Affects 7,258 Americans

On July 8, 2024, Stillwater Mining Company, a part of the Sibanye-Stillwater group, discovered a significant data breach that affected its information and communications technology systems. This breach was part of a cyber-attack that compromised systems within their global network.

An investigation revealed unauthorized activity on certain U.S. systems dating back to mid-June 2024. As a result, the personal information of 7,258 individuals in the United States was exposed, including sensitive data such as Social Security numbers, medical records, and financial account details.

The breach was disclosed to the Massachusetts Attorney General's office, affecting at least four individuals in Massachusetts and two in Maine. For more detailed information, you can view the disclosures on the Maine Attorney General's website and the Massachusetts Attorney General's website.

Stillwater Mining's Response

Upon discovering the breach, Stillwater Mining Company quickly took steps to contain and remediate the incident. They initiated their Incident Response plan and engaged external cybersecurity experts and forensic firms to assist in the investigation. The company has been closely monitoring their systems for any further activity and has implemented additional security measures, such as refining password policies and enhancing end-point detection and real-time monitoring capabilities.

As a precaution, they are offering affected individuals free identity and credit monitoring services through Experian.

Steps for Affected Individuals

If you have been affected by this data breach, it is crucial to take proactive steps to protect your personal information. Here are some recommended actions:

1. Enroll in Identity and Credit Monitoring: Take advantage of the free 24-month Experian IdentityWorks membership offered by Stillwater Mining Company. This service provides identity detection and resolution support.
2. Monitor Your Financial Accounts: Regularly review your bank and credit card statements for any unauthorized transactions. Report any suspicious activity to your financial institution immediately.
3. Check Your Credit Reports: Obtain a free credit report from each of the three major credit bureaus—Equifax, Experian, and TransUnion—via AnnualCreditReport.com. Look for any unfamiliar accounts or inquiries.
4. Consider a Credit Freeze: If you suspect your information has been misused, placing a credit freeze on your report can prevent new accounts from being opened in your name without your consent.
5. Stay Vigilant: Be cautious of unsolicited communications asking for personal information. Avoid clicking on links or downloading attachments from unknown emails.