Cybersecurity incident forces largest US steelmaker to take some operations offline

North Carolina-based steel company Nucor said it temporarily halted production operations at some locations because of a recent cybersecurity incident and is working to restart them.

In an 8-K filing with federal regulators, Nucor said the incident involved “unauthorized third party access to certain information technology systems” but did not explain further. 

The company “began promptly taking steps to contain and respond to the incident, including activating its incident response plan, proactively taking potentially affected systems offline and implementing other containment, remediation, or recovery measures,” the filing said.

Nucor did not specify which facilities were affected. The company said it only halted some operations “in an abundance of caution.” From recycling centers to large plants, the company operates at about 300 locations overall.

Headquartered in Charlotte, Nucor reported sales of $7.83 billion in the first quarter of 2025 and calls itself “North America’s largest steel manufacturer and recycler,” with about 25,000 employees. Industry analysts list it as one of the top 20 in the world.

One of its largest projects is a $3 billion facility under construction in West Virginia. 

Large manufacturers are under constant pressure from malicious hackers, whether the interest is financial cybercrime, intellectual property theft or even nation-state espionage.

Recent cybersecurity-related 8-K filings by U.S. manufacturers include medical technology company Masimo, industrial sensor maker Sensata, home appliance company National Presto Industries and semiconductor firm Microchip Technology.

The trend applies globally, with industrial firms in the United Kingdom and Switzerland among those reporting cybersecurity incidents over the past year.