Data I/O Issues Update on Cybersecurity Incident

Rhea-AI Summary

Data I/O Corporation (NASDAQ: DAIO) has successfully contained and remediated a ransomware incident that was first identified on August 16, 2025. The attack originated from a vulnerability in a third-party firewall service provider and was not specifically targeted at the company.

The company reports that all systems have been restored globally with no impact on customer orders or revenue. The incident's remediation costs are expected to be approximately $180,000 in Q3 2025. However, Data I/O has achieved $300,000 in annual cost savings through ongoing optimization efforts. The company has emerged with improved corporate processes and strengthened IT security systems.

Positive

• No revenue loss or customer impact from the cybersecurity incident
• Systems fully restored with enhanced security measures
• $300,000 in annual cost savings achieved through optimization efforts
• Improved corporate processes and IT security infrastructure

Negative

• One-time expense of $180,000 in Q3 2025 for incident remediation
• Identified vulnerability in third-party firewall service provider

All Systems Operational with No Impact to Customers or Orders

Redmond, Washington--(Newsfile Corp. - September 4, 2025) - Data I/O Corporation (NASDAQ: DAIO), the leading global provider of advanced security and data deployment solutions for microcontrollers, security ICs and memory devices, today provided an update on the recently announced cybersecurity incident.

William Wentworth, the Company's President and CEO, stated, "We are pleased to report that the ransomware incident as first identified on August 16, 2025 has been completely contained and remediated. It was determined that the attack was not targeted but originated as a vulnerability of a commercially available third-party firewall service provider. With the breach being remediated, at present all our systems globally have been restored. We do not believe we have any risk exposure from the incident. After working diligently to restore the affected systems with leading cybersecurity experts, we believe our IT systems are now better protected than ever. Equally important is that our order flow from bookings to deliveries is on track and we believe no revenue has been lost as a result of the incident.

"The remediation, restoration and investigation efforts are expected to total approximately $180,000 in expenses in the third quarter ending September 30, 2025. However, on an annualized basis we have reduced about $300,000 from our spending through our ongoing efforts to optimize performance. Through dealing with this incident, we have dramatically improved our corporate processes and strengthened our IT systems for enhanced security and scalability. In the end, our business remains on course. We are grateful for the efforts and dedication of our global workforce and external advisors for their amazing response and recovery efforts."

About Data I/O Corporation

Since 1972, Data I/O has developed innovative solutions to enable the design and manufacture of electronic products for automotive, Internet-of-Things, medical, wireless, consumer electronics, industrial controls and other electronics devices. Today, our customers use Data I/O's data programming solutions and security deployment platform to secure the global electronics supply chain and protect IoT device intellectual property from point of inception to deployment in the field. OEMs of any size can program and securely provision devices from early samples all the way to high volume production prior to shipping semiconductor devices to a manufacturing line. Data I/O enables customers to reliably, securely, and cost-effectively bring innovative new products to life. These solutions are backed by a portfolio of patents and a global network of Data I/O support and service professionals, ensuring success for our customers. Learn more at dataio.com/Company/Patents.

Safe Harbor/Forward Looking Statement and Disclosure Information

Statements in this news release concerning the impact of the cybersecurity impact on the Company's business and financial results, economic outlook, expected revenue, expected margins, expected savings, expected results, expected expenses, orders, deliveries, backlog and financial positions, semiconductor chip shortages, supply chain expectations, as well as any other statement that may be construed as a prediction of future performance or events are forward-looking statements which involve known and unknown risks, uncertainties and other factors which may cause actual results to differ materially from those expressed or implied by such statements.

Forward-looking statement disclaimers also apply to the impact of the cybersecurity incident, demand for the Company's products and the impact from geopolitical conditions including any related international trade restrictions as well as the ongoing investigation of the August 2025 cybersecurity incident and the possibility that the Company's containment and remediation efforts may be unsuccessful or becomes a challenging force in maintaining market share. Factors that may impact the Company's operations and finances include uncertainties as to the ability to record revenues based upon the timing of product deliveries, shipping availability, installations and acceptance, accrual of expenses, coronavirus related business interruptions, changes in economic conditions, part shortages, business disruptions and other risks including those described in the Company's 10-K, 10-Q and other periodic filings with the Securities and Exchange Commission (SEC), press releases and other communications.

Data I/O may use its website (www.dataio.com) and investor relations page (www.dataio.com/Company/Investor-Relations), its X account (@DataIO_Company), and its LinkedIn page (linkedin.com/company/data-io) to disclose material non-public information and for complying with its disclosure obligations under Regulation FD. Accordingly, investors and other interested parties should monitor these sites, in addition to following Data I/O's press releases, Securities and Exchange Commission (SEC) filings, public conference calls and public presentations/webcasts.

Contact:

Darrow Associates, Inc.
Jordan Darrow
512-551-9296
jdarrow@darrowir.com

To view the source version of this press release, please visit https://www.newsfilecorp.com/release/265115

FAQ

What was the impact of the cybersecurity incident on Data I/O (NASDAQ: DAIO)?

The ransomware incident had no impact on customer orders or revenue, though it resulted in a $180,000 remediation cost for Q3 2025. All systems have been fully restored.

When did Data I/O discover the ransomware attack?

Data I/O first identified the ransomware incident on August 16, 2025.

How much will the cybersecurity incident cost Data I/O?

The incident's remediation, restoration, and investigation efforts are expected to cost approximately $180,000 in Q3 2025.

Has Data I/O's business been affected by the ransomware attack?

According to the company, there was no impact on order flow, deliveries, or revenue. All systems are now operational with enhanced security measures.

What cost savings has Data I/O achieved in 2025?

Data I/O has reduced spending by approximately $300,000 annually through ongoing optimization efforts.