Nucor Confirms Data Theft in Recent Cyberattack

Steel Producer Shuts Down Operations to Contain Threat

Nucor Corporation, North America’s top steel manufacturer, has confirmed that cybercriminals stole data during a recent security breach. The company employs over 32,000 people across the U.S., Mexico, and Canada. Its annual revenue surpassed $30 billion in 2024.

Last month, Nucor took some systems offline to limit the breach. Production at several sites was temporarily halted. Law enforcement and external cybersecurity teams were called in to manage the response.

A new filing with the U.S. Securities and Exchange Commission (SEC) now confirms that attackers exfiltrated limited data from Nucor’s IT systems. The company is still assessing the nature of the exposed data.

Impacted Systems Now Restored

According to Nucor, access has been restored across all impacted systems. The company believes the threat actors no longer have access to its infrastructure.

“The cybersecurity incident resulted in a temporary limitation of access to parts of our IT applications,” Nucor noted in its SEC update. “The threat actor exfiltrated limited data, and we’re currently reviewing the scope and will notify affected parties if necessary.”

It remains unclear when the breach occurred or what method was used. The company has not confirmed if the attack involved encryption or ransomware.

Double-Extortion Concerns Remain

Although no ransomware group has claimed responsibility, the method matches double-extortion tactics. These involve stealing data before encrypting systems, then threatening to leak the information unless a ransom is paid.

Nucor has not disclosed if the attackers made contact or issued any demands. The company continues its investigation and has committed to following all legal reporting obligations.