Prominent South African company hit by cyberattack

Eastern Platinum (Eastplats) experienced a data breach, which saw specific files related to its internal affairs released on a restricted part of the internet.

Eastplats is a platinum group metals (PGM) and chrome producer with assets located along South Africa’s Bushveld Complex, the world’s largest known PGM resource.

The company announced on 17 June 2025 that it experienced a cybersecurity incident on 27 May 2025, which affected its internal IT systems.

“Upon detection, Eastplats took immediate containment measures to protect its network and data,” the company said.

“Eastplats has since been working with cybersecurity experts to thoroughly investigate the incident’s scope and undertake necessary remedial action.”

Eastplats said its business operations have continued without disruption. However, certain files related to its internal affairs were disclosed without authorisation by third parties on a restricted part of the internet. 

The company is actively reviewing these files to ensure ongoing compliance with its legal obligations and to safeguard its commercial interests.

“Eastplats’ priorities include the protection and continuous enhancement of its data security and Systems,” it said. 

“This incident has been reported to the appropriate authorities, and Eastplats is committed to maintaining the trust and confidence of its stakeholders.”

Eastplats’ cybersecurity breach is the latest in a series of cyberattacks on South African companies over the past few years.

Across 2024 and 2025, several prominent South African companies have informed the market of cybersecurity breaches of their systems.

This has included Nampak, Sibanye-Stillwater, Astral Foods, Cell C, and South African Airways.

These attacks come as experts increasingly warn of the dangers cyberattacks present, especially for companies.

The Allianz Risk Barometer for 2025 found that cybercrime has become the biggest threat to businesses worldwide, including South Africa.

The report explained that cyber incidents, including ransomware attacks, data breaches, and IT outages, are now the top global business risk, marking their fourth consecutive year at the top. 

Cybersecurity risks

The Allianz Risk Barometer for 2025 explained that, a decade ago, only 12% of global respondents cited cyber as a major concern. In 2025, that number surged to 38%.

“Cyber is the top risk across North and South America, Europe, and Africa, dominating industry concerns from aviation to legal services,” Allianz said. 

“More importantly, it now ranks as the number one risk in South Africa, overtaking long-standing issues like load-shedding and political instability.”

Allianz explained that this concern is not just theoretical, citing two recent, high-profile cyberattacks on two major South African organisations — Cell C and the South African Bureau of Standards (SABS). 

“Both incidents have raised serious questions about compliance, cybersecurity readiness, and whether these attacks could have been prevented,” it said.

The World Wide Industrial & Systems Engineers’ lead ISO specialist, Herman Stroop, said both attacks were entirely preventable.

He said one key challenge in South Africa is poor enforcement of existing regulations, including the Protection of Personal Information Act (POPIA) and Minimum Information Security Standards.

These regulations lay out clear expectations for information governance, yet Stroop said many organisations either ignore or delay compliance due to a perceived lack of consequences.

“The irony is that prevention is far cheaper than remediation,” he said. Following a cyberattack, organisations often suffer reputational damage, legal liability, and operational downtime.

Stroop said these consequences far exceed the cost of implementing an ISO-compliant Information Security Management System.

In addition, Stroop called for greater transparency from companies after they suffer a data breach.

“Details about the nature of the attacks and how they were handled remain vague,” he said. 

“When an organisation isn’t ISO-certified, it usually doesn’t have the documentation, procedures or incident response plans to respond properly – let alone communicate clearly – during a breach.”

The Information Regulator previously reported that South Africa sees between 150 and 300 cyberattacks each month — and that’s just the reported incidents. 

Many incidents go unreported due to reputational fears or because organisations are not compliant with POPIA and fear investigation.

This article was first published by Daily Investor and is reproduced with permission.