Ransomware incident at Data I/O (NASDAQ: DAIO) disrupts operations and is likely to impact costs

Rhea-AI Filing Summary

Data I/O Corporation reported a ransomware cybersecurity incident affecting certain internal IT systems on August 16, 2025. The company activated its response protocols, took some platforms offline, implemented containment and mitigation measures, and engaged external cybersecurity experts to support recovery and investigate the incident. It expects to notify affected individuals and regulators as required by law.

The incident has temporarily disrupted operations, including communications, shipping, receiving, manufacturing production, and support functions. Some functions have been restored, but the timeline for full restoration is not yet known. As of this report, the incident does not appear to have had a material impact on overall business operations, but the company states that the full scope and impact are not yet known and could later be determined to be material. The expected costs of the incident, including expert and advisor fees and system restoration, are reasonably likely to have a material impact on results of operations and financial condition.

Positive

• None.

Negative

• Ransomware incident with likely material cost impact: The company reports a ransomware attack that has disrupted multiple operational functions and states that related response and recovery costs are reasonably likely to have a material impact on its results of operations and financial condition.

Insights

Cybersecurity and risk analyst

Ransomware attack disrupts operations and is likely to weigh on future results through higher incident-related costs.

Data I/O Corporation discloses a ransomware incident that hit certain internal IT systems and forced the company to take some platforms offline. The disruption extends to internal and external communications, shipping, receiving, manufacturing production, and support functions, indicating the attack reached operationally important systems. External cybersecurity experts are assisting with recovery and a comprehensive investigation, and the company anticipates notifications to affected individuals and regulators where required.

The company states that, as of the report date, the incident does not appear to have had a material impact on business operations, but the ultimate scope and impact remain uncertain while the investigation continues. Importantly, it expects incident-related costs—including cybersecurity expert fees, advisor costs, and restoration of impacted systems—to be reasonably likely to have a material impact on results of operations and financial condition. Future disclosures about the investigation’s outcome and the pace of operational restoration will shape how persistent the financial and operational effects from this ransomware event prove to be.

0000351998false00003519982025-08-162025-08-16iso4217:USDxbrli:sharesiso4217:USDxbrli:shares

UNITED STATES

SECURITIES AND EXCHANGE COMMISSION

FORM 8-K

CURRENT REPORT

 Pursuant to Section 13 or 15(d) of the Securities Exchange Act of 1934

Date of Report (Date of earliest event reported): August 16, 2025

Data I/O Corporation

(Exact name of registrant as specified in its charter)

Washington		0-10394		91-0864123
(State or other jurisdiction of incorporation)		(Commission File Number)		(IRS Employer Identification No.)

6645 185th Ave. N.E., Suite 100, Redmond, WA 98052

(Address of principal executive offices, including zip code)

(425) 881-6444

(Registrant’s telephone number, including area code)

Not Applicable

(Former name or former address, if changed since last report)

Check the appropriate box below if the Form 8-K filing is intended to simultaneously satisfy the filing obligation of the registrant under any of the following provisions:

☐	Written communications pursuant to Rule 425 under the Securities Act (17 CFR 230.425)
☐	Soliciting material pursuant to Rule 14a-12 under the Exchange Act (17 CFR 240.14a-12)
☐	Pre-commencement communications pursuant to Rule 14d-2(b) under the Exchange Act (17 CFR 240.14d-2(b))
☐	Pre-commencement communications pursuant to Rule 13e-4(c) under the Exchange Act (17 CFR 240.13e-4(c))

Indicate by check mark whether the registrant is an emerging growth company as defined in Rule 405 of the Securities Act of 1933 (§230.405 of this chapter) or Rule 12b-2 of the Securities Exchange Act of 1934 (§240.12b-2 of this chapter).

Emerging growth company  ☐

If an emerging growth company, indicate by check mark if the registrant has elected not to use the extended transition period for complying with any new or revised financial accounting standards provided pursuant to Section 13(a) of the Exchange Act   ☐

Items reported in this filing:

Item 1.05 Material Cybersecurity Incidents. 

Item 1.05 Material Cybersecurity Incidents.

On August 16, 2025, Data I/O Corporation (the “Company”) experienced a ransomware incident (the “Incident”) on certain of its internal IT systems. Upon discovery, the Company promptly activated its response protocols, took steps to secure its global IT systems and implemented containment measures, including proactively taking certain platforms offline and implementing other mitigation measures. The Company also engaged leading cybersecurity experts to support the IT system recovery and conduct a comprehensive investigation. Based on the findings, the Company will take additional actions as appropriate, including notifying affected individuals and regulatory authorities in compliance with applicable laws.

The Company is working diligently to restore the affected systems. The Incident has temporarily impacted the Company’s operations, including internal/external communications, shipping, receiving, manufacturing production, and various other support functions. While the Company has implemented measures to allow for the restoration of some operational functions, the timeline for a full restoration is not yet known. As the investigation of the Incident is ongoing, the full scope, nature, and impact are also not yet known.

As of the date of this filing, the Incident does not appear to have had a material impact on the Company’s business operations; however, the full scope and impact of this Incident is not yet known and could result in a future determination that the incident either was not or has been material to the Company's financial statements and results of operations. The expected costs related to the Incident, including fees for our cybersecurity experts and other advisors, and costs to restore any impacted systems, are reasonably likely to have a material impact on the Company’s results of operations and financial condition.

Safe Harbor/Forward Looking Statement and Disclosure Information

This Current Report on Form 8-K contains forward-looking statements made pursuant to the safe harbor provisions of the Private Securities Litigation Reform Act of 1995, such as the Company’s expectations or beliefs regarding future events, actions or performance related to the Incident, including the results of the Company’s ongoing investigation of the Incident, the impact of the Incident on the Company and its financial condition and results of operations, and the timing and results of the recovery efforts from the Incident. Forward-looking statements typically are identified by use of terms such as “anticipate,” “believe,” “expect,” “project,” “may,” “will,” “should,” “could,” “likely” and similar words. Except as required by law, the Company undertakes no obligation to publicly update or revise any forward-looking statements, whether as a result of new information, future events or otherwise. The Company’s actual results could differ materially from those contained in forward-looking statements due to a number of factors, including the completion of the Company’s investigation into the Incident, the ultimate results from the Company’s investigation, the timing of the restoration of full access following the Incident, possible changes in customer sentiment due to the Incident and other risks and factors described by the statements under “Risk Factors” in the Company’s most recent Annual Report on Form 10-K and in its subsequent filings with the United States Securities and Exchange Commission.

2

SIGNATURE

Pursuant to the requirements of the Securities Exchange Act of 1934, the registrant has duly caused this report to be signed on its behalf by the undersigned hereunto duly authorized.

	Data I/O Corporation
August 21, 2025	By:	/s/ Charles DiBona
	Charles DiBona Chief Financial Officer

3

FAQ

What cybersecurity incident did Data I/O Corporation (DAIO) report?

Data I/O Corporation reported a ransomware incident on certain internal IT systems discovered on August 16, 2025, which required containment measures and external cybersecurity support.

How has the ransomware incident affected DAIO’s operations?

The incident has temporarily impacted communications, shipping, receiving, manufacturing production, and support functions, although some operational functions have already been restored.

Does the ransomware attack appear material to DAIO’s business operations?

As of the report date, the incident does not appear to have had a material impact on business operations, but the company notes that the full scope and impact are still being investigated and could later be determined to be material.

What financial impact does DAIO expect from the cybersecurity incident?

The company states that expected costs related to the incident—such as cybersecurity experts, other advisors, and system restoration—are reasonably likely to have a material impact on its results of operations and financial condition.

What steps is Data I/O taking in response to the ransomware event?

Data I/O activated its incident response protocols, secured and contained affected systems, took some platforms offline, engaged leading cybersecurity experts, and plans to notify affected individuals and regulators as required.

Has Data I/O provided any indication of when systems will be fully restored?

The company has restored some operational functions but states that the timeline for full restoration of affected systems is not yet known while recovery efforts and the investigation continue.

What forward-looking risks related to the incident does DAIO highlight?

Data I/O notes that actual results could differ from expectations due to factors such as the completion and results of its investigation, the timing of full access restoration, and possible changes in customer sentiment related to the incident.