Nucor, North America’s largest metal producer and recycler, has confirmed that attackers behind a current cybersecurity incident have additionally stolen knowledge from the corporate’s community.
The metal big employs greater than 32,000 folks in quite a few mills throughout the U.S., Mexico, and Canada and reported a income of $30.73 billion final yr.
Nucor disclosed this incident final month, revealing that it took down some programs to include the safety breach and halted manufacturing at a few of its services. It additionally stated it had notified legislation enforcement authorities and employed exterior cybersecurity specialists to help with the restoration efforts and investigation.
Whereas it did not present extra info concerning the incident, in a brand new submitting with the U.S. Securities and Alternate Fee (SEC), Nucor confirmed that the attackers additionally stole knowledge from compromised programs.
“The cybersecurity incident resulted in a brief limitation of entry to parts of the Firm’s info expertise functions supporting some features of the Firm’s operations at among the Firm’s services, and as famous within the Unique Type 8-Okay, in an abundance of warning, the Firm quickly and proactively halted sure manufacturing operations at varied areas,” Nucor stated.
“The Firm’s investigation additionally decided that the menace actor exfiltrated restricted knowledge from the Firm’s info expertise programs. The Firm is reviewing and evaluating the impacted knowledge and can perform any applicable notifications to probably affected events and to regulatory businesses as required by relevant legislation.”
Nucor says it has additionally restored entry to programs impacted by the current breach and affected manufacturing operations, including that it believes the menace actors have been evicted and not have entry to its community.
The corporate has but to share additional particulars concerning the date the breach was found or the kind of assault, so it is unknown if the attackers additionally encrypted programs compromised throughout the incident.
At the moment, no ransomware operations have claimed duty for the Nucor assault. Nonetheless, most of them additionally steal delicate knowledge earlier than deploying ransomware on victims’ networks as a part of double-extortion schemes.
BleepingComputer contacted the corporate for extra details about the breach, however Nucor has not replied.
Patching used to imply complicated scripts, lengthy hours, and infinite hearth drills. Not anymore.
On this new information, Tines breaks down how fashionable IT orgs are leveling up with automation. Patch sooner, scale back overhead, and deal with strategic work — no complicated scripts required.
