Ransomware Attack Hits Sumitomo's Philippine Nickel Subsidiary

Severity: Medium (Score: 48.9)

Sources: Tipranks, Bitget

Summary

Sumitomo Metal Mining's Coral Bay Nickel Corporation in the Philippines experienced a ransomware attack, resulting in the encryption of two servers due to unauthorized access. The company has isolated the affected servers and is working with external specialists to investigate the breach and restore systems. Operations at the Coral Bay Nickel production plant remain unaffected, and production continues as control systems are intact. Sumitomo has disconnected the networks of Coral Bay Nickel and related entities as a precaution. The company anticipates only a limited impact on its financial results for the fiscal year ending March 2026, with a detailed assessment ongoing. The attack highlights the increasing cyber threats faced by commodity producers, although the broader economic factors will ultimately dictate the impact on nickel prices. The incident reflects the operational challenges posed by ransomware in the industrial sector, particularly as companies navigate the complexities of the commodity cycle. Key Points: • Coral Bay Nickel Corporation suffered a ransomware attack affecting two servers. • Production at the facility remains unaffected, with operations continuing normally. • Sumitomo expects limited financial impact from the incident, with ongoing assessments.

Key Entities

• Ransomware (attack_type)
• Coral Bay Nickel Corporation (company)
• Sumitomo (company)
• Sumitomo Metal Mining Philippine Holdings (company)
• Taganito HPAL Nickel (company)
• Philippines (country)
• T1041 - Exfiltration Over C2 Channel (mitre_attack)
• T1486 - Data Encrypted for Impact (mitre_attack)
• T1567 - Exfiltration Over Web Service (mitre_attack)
• Clop (ransomware_group)