Charlotte-based steel giant Nucor Corporation disclosed a significant cybersecurity incident where threat actors gained unauthorized access to the companyβs information technology infrastructure.
The breach prompted temporary production shutdowns across multiple facilities as the company implemented emergency containment protocols and engaged federal law enforcement authorities to investigate the intrusion.
According to the SEC filing report, Nucorβs cybersecurity team detected unauthorized access to critical IT systems that support operational functions across the companyβs steel manufacturing facilities.
The threat actors successfully penetrated the companyβs network perimeter and maintained persistence within the compromised infrastructure, forcing Nucor to activate its formal incident response plan immediately upon discovery.
Steelmaker Nucor Hacked
The company proactively implemented network segmentation procedures and took potentially affected systems offline to prevent lateral movement by the attackers.
This defensive measure resulted in temporary limitations to information technology applications that support manufacturing operations, compelling management to halt production activities at various locations as a precautionary measure.
The disruption affected multiple facilities within Nucorβs nationwide network of steel production plants.
Nucorβs comprehensive forensic analysis, conducted in partnership with leading external cybersecurity specialists, confirmed that the threat actors successfully exfiltrated limited datasets from the companyβs information technology systems during the breach period.
The investigation revealed evidence of data extraction activities, though the company characterized the volume of compromised information as βlimitedβ in scope.
The stolen data is currently undergoing detailed review and classification to determine the specific types of information accessed by the attackers.
Nucor indicated it will provide appropriate notifications to potentially affected parties and regulatory agencies in compliance with applicable data breach notification statutes and industry-specific cybersecurity regulations.
The companyβs investigation team continues analyzing system logs and network traffic patterns to establish a complete timeline of the attackersβ activities within the compromised environment.
Mitigation steps >>
Since the initial Form 8-K filing, Nucor has successfully restored all affected production operations and reestablished access to critical information technology applications required for normal business functions.
The companyβs cybersecurity team, working alongside external incident response specialists, implemented additional security controls and network hardening measures to prevent future unauthorized access attempts.
Federal law enforcement authorities remain actively involved in the investigation, with Nucor providing full cooperation to support the criminal inquiry into the cyberattack.
The company confirmed that threat actors no longer maintain access to its information technology systems following the comprehensive remediation activities.
Despite the operational disruptions and security breach, Nucorβs management assessment indicates the incident has not materially impacted the companyβs financial condition or operational capabilities.