Breach taxonomy
Summary
Around May 13, 2025, Nucor Corporation identified unauthorized third-party access to certain IT systems and promptly activated its incident response plan, taking affected systems offline and engaging external cybersecurity experts. As a precautionary measure, production operations were temporarily halted at various locations. A follow-up 8-K/A filed June 20, 2025 confirmed that the threat actor exfiltrated limited data and that all affected production operations and IT systems had since been fully restored. The incident was determined not material to Nucor's financial condition or results of operations.
Tagging rationale
ThreatUnknown
Filing refers to 'unauthorized third party' without identifying actor type -> UNKNOWN.
MethodsMalwareData Exfil
Original filing describes unauthorized third-party access requiring system shutdowns and containment; the 8-K/A amendment confirms the threat actor also exfiltrated limited data -> MALWARE + DATA-EXFIL.