EMX Royalty Corporation, a subsidiary of which operates in Turkey, fell victim to a cyber attack discovered in April 2024. The incident resulted in a potential financial loss of up to $2.325 million, prompting the company to pursue legal avenues for recovery. While the attack did not explicitly mention data breaches or operational disruptions beyond financial impact, EMX is actively reassessing its cybersecurity risk profile, strengthening internal controls, and enhancing incident response protocols. The company acknowledged the evolving nature of cyber threats and committed to further investments in protective measures, vulnerability remediation, and personnel training in Turkey. Despite the setback, EMX continues its growth initiatives, including recent royalty acquisitions and board expansions, signaling resilience in its strategic operations.
TPRM report: https://www.rankiteo.com/company/emx-royalty-corporation
"id": "emx1320613102825",
"linkid": "emx-royalty-corporation",
"type": "Cyber Attack",
"date": "10/2025",
"severity": "60",
"impact": "2",
"explanation": "Attack limited on finance or reputation"{'affected_entities': [{'industry': 'Mining/Royalties',
'location': 'Turkey (subsidiary)',
'name': 'EMX Royalty Corporation',
'type': 'Public Company'}],
'date_detected': '2024-04',
'date_publicly_disclosed': '2024-05',
'description': 'EMX Royalty Corporation (TSXV: EMX) announced that one of its '
'subsidiaries in Turkey fell victim to a cyber attack '
'discovered in April 2024. The incident could result in a '
'financial loss of up to $2.325 million. The company is '
'actively pursuing legal means to recover funds and mitigate '
'the impact, while evaluating its cybersecurity risk profile '
'and addressing operational issues in Turkey. EMX is '
'bolstering existing controls and enhancing its cyber incident '
'response protocols.',
'impact': {'financial_loss': '$2.325 million (potential)',
'operational_impact': 'Issues related to personnel and operations '
'in Turkey'},
'investigation_status': 'Ongoing (evaluating cybersecurity risk profile and '
'addressing operational issues)',
'lessons_learned': 'Need for continuous investment in cybersecurity measures '
'to address evolving threats, including modifying '
'protective measures and investigating vulnerabilities.',
'post_incident_analysis': {'corrective_actions': ['Bolstering existing '
'controls',
'Enhancing cyber incident '
'response protocols',
'Investing in additional '
'resources for protective '
'measures and vulnerability '
'remediation']},
'recommendations': ['Bolster existing cybersecurity controls '
'organization-wide',
'Enhance cyber incident response protocols',
'Allocate additional resources for vulnerability '
'remediation and threat mitigation'],
'references': [{'source': 'EMX Royalty Corporation Q1 2024 Earnings News '
'Release'}],
'regulatory_compliance': {'legal_actions': 'Pursuing legally available means '
'to recover funds'},
'response': {'communication_strategy': 'Public disclosure in Q1 2024 earnings '
'release',
'enhanced_monitoring': 'Monitoring for additional measures to '
'enhance cyber incident response',
'incident_response_plan_activated': True,
'recovery_measures': 'Pursuing legally available means to '
'recover lost funds',
'remediation_measures': 'Bolstering existing controls, '
'monitoring for additional measures'},
'title': "Cyber Attack on EMX Royalty Corporation's Subsidiary in Turkey",
'type': 'Cyber Attack'}