Nucor Corporation Discloses Cyberattack to SEC Following Ransomware Attack

A recent cyberattack has impacted Nucor Corporation, the largest steel producer in the United States. On May 13, 2025, Nucor disclosed that it had detected unauthorized third-party access to certain information technology systems used by the company. Upon discovery, Nucor initiated its incident response plan, which included taking affected systems offline and implementing containment, remediation, and recovery measures.

The company also temporarily and proactively halted production operations at various locations as a precautionary measure. As of the date of disclosure, Nucor was in the process of restarting those affected operations.

At this time, the number of individuals affected and the specific information exposed has not been publicly detailed. The company has stated that the investigation is ongoing and is being conducted with the assistance of leading external cybersecurity experts, and it was significant enough to warrant a temporary halt in production and has also been reported to federal law enforcement authorities.

The breach was publicly disclosed through a filing with the Securities and Exchange Commission (SEC), which you can review in the official Nucor SEC disclosure. Additionally, a summary of the incident appeared on the open web on May 14, 2025, confirming that Nucor was targeted by a cyberattack and that production was temporarily halted in response.

Nucor Corporation's response

Nucor responded by activating its incident response plan, taking potentially affected systems offline, and implementing containment and remediation measures. The company has engaged external cybersecurity experts to assist with the investigation and has notified federal law enforcement. Production operations at multiple facilities were proactively halted but are now in the process of being restarted.

Given the nature of the incident, Nucor has not yet released details about any specific consumer resources or support for potentially affected individuals. As the investigation continues, the company may provide additional guidance or services. For now, those who may be affected should remain vigilant for suspicious communications or activity related to their personal information. It is always wise to monitor your financial accounts, be cautious with unsolicited emails or phone calls, and consider placing fraud alerts or credit freezes if you suspect your information may have been compromised.

For more information about the company and its operations, visit the Nucor Corporation website.