Nippon Steel zero-day attack has revealed the vulnerable side of the global steel giant, with tens of thousands of business partners, employees, and customers potentially affected. The recent cyberattack highlights ongoing risks for even the most established industrial companies. Nippon Steel, one of the world’s top steel producers, disclosed it suffered a zero-day cyberattack in March 2025. This breach led to unauthorized access to sensitive personal information belonging to business partners, employees, and customers. Despite quick containment efforts, the incident marks the second cyberattack the company has faced in 2025, raising concerns about the security of critical infrastructure in the industrial sector.
Details of the Zero-Day Attack
On March 7th, Nippon Steel publicly announced the discovery of a zero-day attack exploiting a software vulnerability within its internal network. The attackers accessed a limited amount of data, but the impact spans a large number of individuals and companies connected to Nippon Steel globally.
According to the company’s statement:
- Customer data accessed includes names, job titles, company affiliations, business emails, phone numbers, and addresses.
- Business partners had their names and business email addresses (from Nippon’s domain) accessed.
- Employee information included names, departments, positions, and business emails.
The steel manufacturer emphasized that none of its cloud-based customer services were affected by the attack.
Response and Mitigation Efforts
Once suspicious activity was detected, Nippon Steel isolated the compromised server and enlisted cybersecurity experts to mitigate further damage. The company is enhancing its security by reconstructing affected devices and strengthening network exit controls and behavior detection systems to prevent recurrence.
Scope and Reach of Nippon Steel
Nippon Steel operates globally with over 113,000 employees, 316 consolidated subsidiaries, and business partnerships in multiple industries including automotive, chemicals, IT solutions, and medical care. Their offices span Asia, the Americas, Europe, the Middle East, and Africa.
The breach’s exact scope remains unclear, but Nippon Steel is actively notifying impacted customers, partners, and employees. The company urges vigilance against phishing attempts as no evidence currently suggests the stolen data has been widely circulated.
Connection to Previous Ransomware Attack
Earlier in 2025, the BianLian ransomware group targeted Nippon Steel’s US division.
They claimed to have stolen 500 GB of data from the company.
The stolen data included contact info of top executives and critical financial details.
Speculation suggests Nippon Steel paid a ransom due to the quick removal of its name from the leak site.
Such ransomware attacks often involve “double extortion,” where attackers keep copies of data or maintain access to networks for further exploitation.
Ongoing Security Measures and Outlook
Nippon Steel’s recent security updates reflect an effort to prevent future attacks and address vulnerabilities exposed by these breaches. The company is actively communicating with those affected and continues to monitor for suspicious activity.
Coincidentally, just months before these attacks, Nippon Steel finalized its acquisition of US Steel in a deal that was on hold during the initial breach.
Conclusion
The Nippon Steel zero-day attack serves as a stark reminder that even industry giants face serious cybersecurity threats. Protecting sensitive business and personal data requires constant vigilance and advanced security strategies. As cyberattacks grow in sophistication, companies must remain proactive in safeguarding their networks and stakeholders.
0 responses to “Nippon Steel Zero-Day Attack Exposes Business and Employee Data”