logo
Home/News/News article/

Steel giant Nucor confirms hackers stole data in recent breach

Nucor

Nucor, North America's largest steel producer and recycler, has confirmed that attackers behind a recent cybersecurity incident have also stolen data from the company's network.

The steel giant employs more than 32,000 people in numerous mills across the U.S., Mexico, and Canada and reported a revenue of $30.73 billion last year.

Nucor disclosed this incident last month, revealing that it took down some systems to contain the security breach and halted production at some of its facilities. It also said it had notified law enforcement authorities and hired external cybersecurity experts to assist with the recovery efforts and investigation.

While it didn't provide additional information regarding the incident, in a new filing with the U.S. Securities and Exchange Commission (SEC), Nucor confirmed that the attackers also stole data from compromised systems.

"The cybersecurity incident resulted in a temporary limitation of access to portions of the Company's information technology applications supporting some aspects of the Company's operations at some of the Company's facilities, and as noted in the Original Form 8-K, in an abundance of caution, the Company temporarily and proactively halted certain production operations at various locations," Nucor said.

"The Company's investigation also determined that the threat actor exfiltrated limited data from the Company's information technology systems. The Company is reviewing and evaluating the impacted data and will carry out any appropriate notifications to potentially affected parties and to regulatory agencies as required by applicable law."

Nucor says it has also restored access to systems impacted by the recent breach and affected production operations, adding that it believes the threat actors have been evicted and no longer have access to its network.

The company has yet to share further details regarding the date the breach was discovered or the type of attack, so it's unknown if the attackers also encrypted systems compromised during the incident.

Currently, no ransomware operations have claimed responsibility for the Nucor attack. Still, most of them also steal sensitive data before deploying ransomware on victims' networks as part of double-extortion schemes.

BleepingComputer contacted the company for more information about the breach, but Nucor has not replied.

Free online web security scanner

Top News: