Last Updated on Tuesday, 21 April 2026, 21:15 by Writer
Despite claims by the online extortion group, FulcrumSec (or Fulcrum Security), that it has hijacked sensitive data about Guyana’s mining sector, a top Ministry of Natural Resources official on Tuesday said the government was informed that all data accessed were those publicly available.
“The data they are reporting was ‘hacked’ is in fact public disclosure data on Prospector’s side – data from press releases, public disclosure filings, etc. so is not proprietary. It appears the Guyana data they are referencing is also already public through the mineral tenure map on the GGMC (Guyana Geology and Mines Commission) site, it is just articulated in a way to make it look like it was hacked,” the ministry official said in relating what was told by Global Venture.
The source said the natural resources ministry was informed that Global Venture, the company that Guyana has hired to conduct mineral mapping, received a suspicious email dated April 15 with a ransom request for US$500,000 in cryptocurrency to prevent FulcrumSec from releasing data that the email claimed was available through a web link.
The source said Global Venture notified the Information Technology (IT) department of the Guyana Geology and Mines Commission and took evasive technological action.
The government said Global Venture deemed the FulcrumSec email “suspicious” because it referred to Analog Gold Inc with which Global has no links and is not operating in Guyana.
Further, the Guyana government was told that Prospector has not had any ties with Analog Gold in more than three years, the natural resources ministry official said.
The ministry said Prospector, an artificial intelligence (AI) platform that was launched by Global Venture six years ago, has conducted an audit but latest indications were that nothing malicious was done to the data.
However, the ministry said it was informed that FulcrumSec appeared to have accessed Prospector’s public data and retained a copy from the Amazon S3 buckets.
Prospector has since closed that security vulnerability and was continuing to monitor and have added extra precautions.
The Ministry of Natural Resources said the hacker exploited a key and accessed data in the staging platform of Global Venture’s Prospector platform.
The dark web reported on Tuesday that FulcrumSec claimed that the breach included 2.2 terabytes of data across 52 S3 buckets, primarily exposing the complete commercial infrastructure of the platform alongside Guyana’s sovereign government mining database.
FulcrumSec alleged that the breach occurred due to severe infrastructure misconfigurations, stating that the sensitive data of a sovereign nation was stored in the same Amazon Web Services (AWS) account as the startup’s staging logs and machine learning training data.
The threat actor is currently leveraging a 58 GB “highlights package” to extort the company.
The hacker group claimed that the compromised data included full names, tax identification numbers (TIN), national identification numbers (NIN), passport numbers, dates of birth, phone numbers, email addresses, residential and home addresses, company directorship information, complete decision history and identities of named GGMC government officials, 12,987 mineral license records with precise GPS polygon coordinates, unreleased government planning data, including 41 proposed Amerindian land extensions, 1,886+ proprietary NI 43-101 technical mining reports, and complete MySQL, PostgreSQL, and MSSQL database dumps among other data.
Discover more from Demerara Waves Online News- Guyana
Subscribe to get the latest posts sent to your email.
