Back to Blog
high severity January 25, 2026 · scope unconfirmed

EASTPLATS.COM Listed by clop Ransomware Group

[AI generated] Eastern Platinum Limited, also known as EASTPLATS.COM, is a Canadian-based mining company that specializes in the exploration, development, mining, and processing of platinum group metals (PGMs) including platinum, palladium, and rhodium. They focus on PGM deposits found specifically in southern Africa, offering both open-cast and underground mining.

⚠ Were you affected?
Free email scanner — we check your address against 15.4B+ leaked records in 15 seconds.
Run free scan →
Severity High
Disclosed January 25, 2026
Affected Unconfirmed
Data exposed Internal files exfiltrated in ransomware attack

On January 25, 2026, the ransomware group Clop added EASTPLATS.COM to its public leak site, confirming that it had exfiltrated internal files from Eastern Platinum Limited, a Canadian mining company focused on platinum group metals in southern Africa.

Confirmed Facts from Reporting

Public reporting indicates the company’s systems were compromised in a ransomware incident. Clop listed EASTPLATS.COM on its dark-web leak portal, stating that internal files had been taken. The exact number of files and their specific contents remain undisclosed in available reporting. No confirmed count of affected individuals has been released, though any personal or employee data contained in the stolen files would now be at risk of further exposure. The listing appeared on the Clop leak site hosted at a known onion address, a standard step the group takes when victims do not meet its payment demands.

Why This Matters for You and Your Family

Even when a breach hits a mining company rather than a consumer service, the consequences can reach ordinary people. Employee records, vendor contracts, or partner documents often contain names, addresses, dates of birth, Social Security numbers, or contact details that belong to real families. Once those records leave the company’s control, they can be sold, posted, or used to target you or your relatives with identity theft, phishing, or harassment. Internal files exfiltrated in ransomware attacks frequently include spreadsheets that link personal identifiers to financial or health information, creating long-term exposure that does not expire when the news cycle moves on.

The Doxxing and Identity-Chain Implications

Ransomware leaks like this one rarely stop at the initial data set. Criminals routinely cross-reference stolen corporate files with information already circulating on breach forums. A single email address or phone number found in EASTPLATS.COM files can be chained to your social-media accounts, online shopping profiles, or children’s gaming usernames. These connections allow attackers to build a complete picture of your household, increasing the chance of account takeovers or targeted doxxing. Credential leaks of this nature frequently cascade into gaming platforms, where children’s accounts become entry points for further harassment or extortion because the same password or recovery email is reused across adult and family services.

Clop’s Publicly Known Track Record

Public reporting attributes the attacks to the Clop ransomware group, which first gained widespread attention around 2019. The group is known for targeting large organizations and double-extortion tactics: it encrypts victim systems and threatens to publish stolen data if ransom is not paid. Notable prior victims include major corporations in finance, healthcare, and technology sectors. Clop’s typical playbook involves initial access through compromised remote desktop credentials or vulnerable file-transfer software, followed by extensive exfiltration before encryption. The group then posts samples on its leak site and sets payment deadlines, often giving victims a short window before releasing additional batches of data.

What to do

  • Run a DoxxScan to map every link between your emails, phone numbers, usernames, and real-world identity so you can see exactly what chains back to this breach.
  • Rotate any password you used at EASTPLATS.COM or related corporate services anywhere it has been reused, and switch to 2FA through an authenticator app rather than SMS.
  • Enable continuous DoxxScan monitoring across 15.4B+ breach records and 100+ platforms so the next exposure of your information is caught in hours, not months.
  • Cover the household with DoxxScan family protection that includes dependents and your children’s gaming accounts, which often become targets when corporate credential leaks create doxxing chains.
  • Let remediation specialists handle takedown requests for any personal records that surface on data-broker or underground sites.

The incident shows that corporate ransomware leaks continue to expose ordinary families to identity risks long after the initial attack. Taking concrete steps now limits how far attackers can travel down the identity chain. DoxxScan by GalaxyWarden delivers continuous monitoring across 15.4B+ breach records and 100+ platforms, AI-powered identity-chain mapping, hands-on remediation by specialists, and full household coverage that includes children’s gaming accounts. Start your DoxxScan trial today to close the gaps this breach and future ones can exploit.

Share this Post on X Reddit Email
Why this isn’t just another breach checker

A breach leaks your credentials. Then hackers chain those credentials to your address, family, phone, and employer using public broker sites. We’re the only tool built around that chain.

Free checker Tells you the breach happened. End of story. You’re still on 800+ broker sites.
$129+/yr Broker-removal services scrub the address but don’t see the breach — next leak re-exposes you.
GalaxyWarden Maps the chain. Cleans both halves. $19 one-shot. Closed loop.

⚠ Were you in this breach?

Free email scanner. We check your address against 15.4B+ leaked records in 15 seconds — then show you the $19 cleanup that removes you from the broker sites aggregating leaked data.

Check my email — free →
Close the chain attack

Both halves of the chain, cleaned once.

A breach put your credentials in 15.4B+ leaked records. Hackers chain that data to your address on 800+ broker sites. GalaxyWarden closes both halves for $19 once — no subscription required.

Clean both halves — $19 →
Free breach scan + 800+ broker letters + 30-day proof · one payment, no subscription
W Warden Plus — ongoing monitoring $9.99/mo
Warden Plus ($9.99/mo or $99/yr): weekly re-scans, breach alerts, AI Concierge, auto re-files on relisted brokers.