On 14 May 2025, the Nucor Corporation, which is the largest steel producer in the United States, disclosed a cybersecurity incident involving unauthorized access to certain IT systems. In response, the Charlotte-based company proactively took affected systems offline and temporarily halted production at various locations as a precautionary measure. In its 8-K filing with the US Securities and Exchange Commission, Nucor stated: "Upon detecting the incident, the company began promptly taking steps to contain and respond to the incident, including activating its incident response plan, proactively taking potentially affected systems offline and implementing other containment, remediation, or recovery measures."
The company is actively investigating the breach with the assistance of external cybersecurity experts and has notified the federal law enforcement authorities. While specific details about the nature of the attack and the affected facilities have not been disclosed, Nucor emphasized that the shutdowns were implemented "in an abundance of caution."
Nucor operates approximately 300 locations across North America, including steel mills, fabrication plants, and recycling centers. The company reported $7.83 billion in sales for the first quarter of 2025 and employs around 25,000 individuals. Those results beat analysts' profit estimates, helped by higher steel shipments and improving steel spot prices. Nucor considers itself the "largest and most diversified steel and steel products producer" in North America. It makes several products such as bars, beams, electrical conduit, girders, and fasteners, according to its website.
This incident underscores the growing cybersecurity threats facing critical infrastructure sectors, such as oil and gas. Manufacturers like Nucor are increasingly targeted by cyberattacks that can disrupt operations and supply chains. The company's swift response highlights the importance of robust incident response plans and collaboration with cybersecurity experts to mitigate potential damages.
As investigations continue, stakeholders across the manufacturing and cybersecurity industries will be closely monitoring developments to glean insights and reinforce their own defensive measures.
Red Sky Alliance first reported on Nucor in our weekly Cyber Intel Report, dtd 16 May 2025.
Source: https://www.secureworld.io/industry-news/steelmaker-nucor-breach
This article is shared at no charge for educational and informational purposes only.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. We provide indicators of compromise information via a notification service (RedXray) or an analysis service (CTAC). For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@redskyalliance.com
Weekly Cyber Intelligence Briefings:
- Reporting: https://www.redskyalliance.org/
- Website: https://www.redskyalliance.com/
- LinkedIn: https://www.linkedin.com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://register.gotowebinar.com/register/5207428251321676122
Comments