Recently, the largest steel producer in the United States, Nucor Corporation, confirmed that it was hit by a cyberattack where hackers stole company data. This incident forced the company to shut down some of its systems and also led to temporary production delays at multiple locations.
The attack was made public in a document filed with the U.S. Securities and Exchange Commission (SEC) on May 14, 2025. In the filing, Nucor clearly stated that an unauthorized third party gained access to some parts of its IT systems. After discovering the attack, the company immediately took action to contain the breach.
Nucor activated its incident response plan and disconnected certain systems to prevent further damage. As a result, some of its production facilities in the U.S., Mexico, and Canada were affected and had to be paused temporarily. The company said that the decision to stop production was taken “out of an abundance of caution.”
To investigate the attack, external cybersecurity experts were hired. Nucor also reported the breach to federal law enforcement agencies. At the time of the announcement, the company was still working on restoring its operations and had started gradually bringing systems back online.
What makes the situation more serious is that data theft has been confirmed. However, the company did not share details about what kind of data was stolen. It’s still not clear whether it included customer information, employee records, or internal company documents.
Cybersecurity researchers believe that this incident looks like a ransomware or data extortion attack, which has become common lately. In such cases, hackers usually steal and encrypt data and then threaten to leak it unless a ransom is paid. These types of attacks have targeted several industries recently, especially the manufacturing and critical infrastructure sectors.
For those who don’t know, Nucor is based in Charlotte, North Carolina, and is one of the most important players in the steel industry. It runs over 20 steel mills and more than 70 scrap recycling facilities across North America. In the first quarter of 2025, Nucor reported around $7.8 billion in revenue, making it a major force in construction and infrastructure supply chains.
Because of its size and importance, even a small disruption in Nucor’s operations can affect multiple industries that rely on steel products. This includes construction, transportation, and energy sectors. The impact of the cyberattack is still being measured, and so far, the company has not shared exact figures related to financial loss or recovery costs.
Nucor has confirmed that it is working closely with cybersecurity professionals to analyze how the attackers got in, what was accessed, and how to make sure it doesn’t happen again. The company said it will keep monitoring the situation and will share more updates if the breach has any further impact on its business.
This incident highlights once again how industrial companies are becoming prime targets for cybercriminals. Attacks like these don’t just cause business losses but also raise concerns about the security of critical infrastructure in general.
As of now, Nucor is focused on getting its operations fully back online while continuing the investigation into the breach. The company also assured customers, partners, and investors that it is doing everything possible to ensure the safety and security of its systems going forward.
Stay alert, and keep your security measures updated!
Source: Follow cybersecurity88 on X and LinkedIn for the latest cybersecurity news
