Data I/O (DAIO) updates ransomware incident costs and material Q3 impact

Rhea-AI Filing Summary

Data I/O Corporation reported an update on a ransomware cybersecurity incident that affected certain internal IT systems in August 2025. The company determined the attack was not specifically targeted at it but stemmed from a vulnerability in a commercially available third-party firewall service. Data I/O engaged outside cybersecurity experts, completed recovery efforts, and states the affected systems are now fully restored, contained, and remediated, with operations such as communications, shipping, receiving, and manufacturing back to normal.

The company does not believe any revenue has been lost from the incident as of the date of this report. However, as of September 9, 2025, Data I/O estimates remediation, restoration, and investigation expenses of approximately $388,000 in the third quarter ending September 30, 2025, and expects this to have a material impact on its results of operations and financial condition. The company also notes it has strengthened its IT systems based on lessons from the incident.

Positive

• None.

Negative

• Ransomware incident drives approximately $388,000 of cybersecurity-related expenses in Q3 2025, which the company expects will materially impact results of operations and financial condition.

Insights

Cybersecurity and financial impact analyst

Ransomware incident fully contained but adds about $388,000 in Q3 costs with material earnings impact.

Data I/O Corporation describes a ransomware incident that arose from a vulnerability in a third-party firewall service rather than a targeted attack. The disruption affected core functions including communications, shipping, receiving, manufacturing, and support, but these operations are now reported as fully restored. The company states it has enhanced and strengthened its IT systems and does not believe further corrective actions are needed based on its investigation.

Financially, the company estimates about $388,000 of remediation, restoration, and investigation expenses in the quarter ending September 30, 2025. It explicitly expects these costs to have a material impact on results of operations and financial condition, even though it does not currently see any loss of revenue from the incident. Future disclosures may further detail how these one-time expenses appear in the third-quarter financial statements and whether any additional cyber-related measures affect ongoing cost levels.

0000351998false00003519982025-09-042025-09-04iso4217:USDxbrli:sharesiso4217:USDxbrli:shares

UNITED STATES

SECURITIES AND EXCHANGE COMMISSION

FORM 8-K

CURRENT REPORT

 Pursuant to Section 13 or 15(d) of the Securities Exchange Act of 1934

Date of Report (Date of earliest event reported): September 4, 2025

Data I/O Corporation

(Exact name of registrant as specified in its charter)

Washington		0-10394		91-0864123
(State or other jurisdiction of incorporation)		(Commission File Number)		(IRS Employer Identification No.)

6645 185th Ave. N.E., Suite 100, Redmond, WA 98052

(Address of principal executive offices, including zip code)

 (425) 881-6444

(Registrant’s telephone number, including area code)

 Not Applicable

(Former name or former address, if changed since last report)

Check the appropriate box below if the Form 8-K filing is intended to simultaneously satisfy the filing obligation of the registrant under any of the following provisions:

☐	Written communications pursuant to Rule 425 under the Securities Act (17 CFR 230.425)
☐	Soliciting material pursuant to Rule 14a-12 under the Exchange Act (17 CFR 240.14a-12)
☐	Pre-commencement communications pursuant to Rule 14d-2(b) under the Exchange Act (17 CFR 240.14d-2(b))
☐	Pre-commencement communications pursuant to Rule 13e-4(c) under the Exchange Act (17 CFR 240.13e-4(c))

Indicate by check mark whether the registrant is an emerging growth company as defined in Rule 405 of the Securities Act of 1933 (§230.405 of this chapter) or Rule 12b-2 of the Securities Exchange Act of 1934 (§240.12b-2 of this chapter).

Emerging growth company ☐

If an emerging growth company, indicate by check mark if the registrant has elected not to use the extended transition period for complying with any new or revised financial accounting standards provided pursuant to Section 13(a) of the Exchange Act ☐

Items reported in this filing:

Item 1.05 Material Cybersecurity Incidents

Item 7.01 Regulation FD Disclosure

Item 9.01 Financial Statements and Exhibits

Item 1.05 Material Cybersecurity Incidents.

As previously disclosed on August 21, 2025 in a Current Report on Form 8-K filed with the Securities and Exchange Commission (“SEC”), on August 16, 2025, Data I/O Corporation (the “Company”) experienced a ransomware incident (the “Incident”) on certain of its internal IT systems. Through ongoing discovery and investigation efforts, the Company has determined that the Incident was not targeted but originated as a vulnerability of a commercially available third-party firewall service provider. The Company engaged leading cybersecurity experts to support the IT system recovery and conduct a comprehensive investigation. Through dealing with this Incident, the Company has improved and strengthened its IT systems and based on the findings, the Company does not believe any additional actions are necessary.

As of the date of this filing, the Company has restored the affected systems and the Incident has been completely contained and remediated. The Incident temporarily impacted the Company’s operations, including internal/external communications, shipping, receiving, manufacturing production, and various other support functions, which are fully operational as of the date of this filing.  As of the date of this filing, it does not appear that any revenue has been lost as a result of the Incident.  As of September 9, 2025, the estimated costs related to the Incident for remediation, restoration and investigation efforts are expected to total approximately $388,000 in expenses in the third quarter ending September 30, 2025 and will likely have a material impact on the Company’s results of operations and financial condition.

Safe Harbor/Forward Looking Statement and Disclosure Information

This Current Report on Form 8-K contains forward-looking statements made pursuant to the safe harbor provisions of the Private Securities Litigation Reform Act of 1995, such as the Company’s expectations or beliefs regarding future events, actions or performance related to the Incident, including the results of the Company’s investigation of the Incident, the impact of the Incident on the Company and its financial condition and results of operations. Forward-looking statements typically are identified by use of terms such as “anticipate,” “believe,” “expect,” “project,” “may,” “will,” “should,” “could,” “likely” and similar words. Except as required by law, the Company undertakes no obligation to publicly update or revise any forward-looking statements, whether as a result of new information, future events or otherwise. The Company’s actual results could differ materially from those contained in forward-looking statements due to a number of factors, including the impact of the Incident, the results from the Company’s investigation of the Incident, and other risks and factors described by the statements under “Risk Factors” in the Company’s most recent Annual Report on Form 10-K and in its subsequent filings with the United States Securities and Exchange Commission.

2

Item 7.01 Regulation FD Disclosure.

On September 4, 2025, the Company issued a press release entitled “Data I/O Issues Update on Cybersecurity Incident”, attached hereto as Exhibit 99.0.

The information contained in the press release attached hereto is being furnished and shall not be deemed filed for purposes of Section 18 of the Securities Exchange Act of 1934, as amended (the “Exchange Act”), or otherwise subject to the liability of that section, and shall not be incorporated by reference into any registration statement or other document filed under the Securities Act of 1933, as amended, or the Exchange Act, except as shall be expressly set forth by specific reference in such filing.

Item 9.01 Financial Statements and Exhibits.

(d) Exhibits

Exhibit No.		Description
99.0		Press Release: Data I/O Issues Update on Cybersecurity Incident

3

SIGNATURE

Pursuant to the requirements of the Securities Exchange Act of 1934, the registrant has duly caused this report to be signed on its behalf by the undersigned hereunto duly authorized.

	Data I/O Corporation
September 10, 2025	By:	/s/ Charles DiBona
		Charles DiBona Chief Financial Officer

4

FAQ

What cybersecurity incident did Data I/O (DAIO) report in this 8-K?

Data I/O reported a ransomware incident on certain internal IT systems that occurred on August 16, 2025, traced to a vulnerability in a commercially available third-party firewall service provider.

How did the ransomware incident affect Data I/O’s operations?

The incident temporarily impacted internal and external communications, shipping, receiving, manufacturing production, and support functions, but these operations are described as fully operational as of the date of the report.

Are Data I/O’s systems now restored after the ransomware attack?

Yes. Data I/O states that it has restored the affected systems and that the incident has been completely contained and remediated, with IT systems improved and strengthened.

Did Data I/O report any revenue loss from the ransomware incident?

As of the date of the filing, Data I/O states that it does not appear that any revenue has been lost as a result of the incident.

What is the estimated financial impact of the cybersecurity incident on Data I/O?

As of September 9, 2025, the company estimates approximately $388,000 of remediation, restoration, and investigation expenses in the third quarter ending September 30, 2025, and expects this to have a material impact on its results of operations and financial condition.

What disclosure did Data I/O provide under Regulation FD in this filing?

Data I/O noted that on September 4, 2025 it issued a press release titled “Data I/O Issues Update on Cybersecurity Incident”, furnished as Exhibit 99.0, which is not deemed filed for liability purposes under Section 18 of the Exchange Act.