Nucor Corporation suffered a cybersecurity incident. Nucor is the largest U.S. steel producer. The company took parts of its networks offline. It also implemented containment measures due to the attack. This incident caused temporary production suspensions at multiple locations. The full business impact remains unclear at this time. Nucor is a major steel producer and scrap recycler.
It employs over 32,000 people and reported high Q1 revenue.
The cybersecurity incident was disclosed in an SEC filing. This 8-K filing was submitted earlier today, May 15, 2025. Nucor identified unauthorized third-party access to its IT systems. Upon detecting this incident, the company acted promptly. It activated its incident response plan immediately. Potentially affected systems were taken offline proactively. Other containment and recovery measures were also implemented by Nucor.
Nucor has notified relevant law enforcement authorities.
The company also engaged external cybersecurity experts for assistance. These experts will help with the ongoing investigation. Meanwhile, certain production operations were halted by the incident. This occurred at various Nucor plant locations. Nucor noted that it is in the process. It is gradually restarting these affected production operations. The restart process is currently underway.
Details about the attack’s date were not provided. The specific type of attack also remains unknown. It is unclear if data theft occurred. Data encryption involvement is also not confirmed. At the time of writing this report, no groups claimed responsibility. Ransomware group involvement has not been stated. Therefore, the perpetrators of this attack are currently unknown. Many questions about the incident persist.
Reference:
