Nucor Corporation (NYSE: NUE), the largest steel producer in North America, confirmed on Wednesday that it had suffered a cybersecurity breach resulting in temporary disruptions to its production operations.
In a filing with the U.S. Securities and Exchange Commission (SEC), the North Carolina-based steelmaker said it had detected unauthorized access to its IT systems. In response, Nucor proactively shut down certain systems and temporarily halted production at various facilities “out of an abundance of caution.”
The company said it is currently working to restart affected operations and has launched an investigation with the assistance of law enforcement and external cybersecurity experts.
Investigation Ongoing as Ransomware Remains a Possibility
While Nucor has not specified the nature of the attack, the phrasing in its statement suggests a potential ransomware incident, although no ransomware group has publicly claimed responsibility so far.
“Nucor has implemented containment and recovery measures,” the company noted. “The full impact of the incident is still being assessed, and it remains unclear whether it will result in a material financial impact.”
If ransomware is confirmed, Nucor would join the growing list of industrial giants targeted in recent years. In 2024, German steelmaker Thyssenkrupp had operations in one of its automotive units disrupted by a similar attack.
As one of America’s largest steel manufacturers and recyclers, Nucor plays a vital role in the U.S. industrial supply chain. Cyberattacks targeting such firms are increasingly viewed as a national security concern, especially when disruptions impact manufacturing at scale.
With no attribution made public, and the company remaining tight-lipped about technical details, it is unknown whether the incident involved data theft, encryption of files, or operational technology (OT) compromise.
Nucor said it is continuing to monitor and mitigate risks as systems are brought back online.
