Nucor, North America’s largest metal producer and recycler, has confirmed that attackers behind a latest cybersecurity incident have additionally stolen knowledge from the corporate’s community.
The metal big employs greater than 32,000 folks in quite a few mills throughout the U.S., Mexico, and Canada and reported a income of $30.73 billion final 12 months.
Nucor disclosed this incident final month, revealing that it took down some techniques to comprise the safety breach and halted manufacturing at a few of its services. It additionally stated it had notified regulation enforcement authorities and employed exterior cybersecurity specialists to help with the restoration efforts and investigation.
Whereas it did not present extra info relating to the incident, in a brand new submitting with the U.S. Securities and Trade Fee (SEC), Nucor confirmed that the attackers additionally stole knowledge from compromised techniques.
“The cybersecurity incident resulted in a brief limitation of entry to parts of the Firm’s info expertise functions supporting some elements of the Firm’s operations at a number of the Firm’s services, and as famous within the Authentic Kind 8-Ok, in an abundance of warning, the Firm quickly and proactively halted sure manufacturing operations at varied areas,” Nucor stated.
“The Firm’s investigation additionally decided that the risk actor exfiltrated restricted knowledge from the Firm’s info expertise techniques. The Firm is reviewing and evaluating the impacted knowledge and can perform any applicable notifications to probably affected events and to regulatory companies as required by relevant regulation.”
Nucor says it has additionally restored entry to techniques impacted by the latest breach and affected manufacturing operations, including that it believes the risk actors have been evicted and now not have entry to its community.
The corporate has but to share additional particulars relating to the date the breach was found or the kind of assault, so it is unknown if the attackers additionally encrypted techniques compromised through the incident.
Presently, no ransomware operations have claimed duty for the Nucor assault. Nonetheless, most of them additionally steal delicate knowledge earlier than deploying ransomware on victims’ networks as a part of double-extortion schemes.
BleepingComputer contacted the corporate for extra details about the breach, however Nucor has not replied.
Patching used to imply advanced scripts, lengthy hours, and countless fireplace drills. Not anymore.
On this new information, Tines breaks down how trendy IT orgs are leveling up with automation. Patch quicker, scale back overhead, and deal with strategic work — no advanced scripts required.
