STOCK TITAN
  1. Home
  2. Sec-filings
  3. NUE
  4. [8-K/A] Nucor Corporation Amends Material Event Report

[8-K/A] Nucor Corporation Amends Material Event Report

Filing Impact
(Low)
Filing Sentiment
(Neutral)
Form Type
8-K/A
Rhea-AI Filing Summary

Nucor Corporation filed an amended 8-K (Amendment No. 1) providing additional details about a previously reported cybersecurity incident. Key findings from the investigation revealed:

  • A threat actor illegally accessed company IT systems and exfiltrated limited data
  • The company temporarily halted certain production operations and proactively took affected systems offline
  • All affected production operations and IT applications have been restored
  • The threat actor no longer has access to company systems

The company implemented immediate containment measures, including activating incident response plans, restoring data from backups, and engaging external cybersecurity experts. Nucor states the incident has not had and is not reasonably likely to have a material impact on business operations, financial condition, or results of operations. The company is reviewing impacted data and will notify affected parties and regulatory agencies as required by law.

Nucor Corporation ha presentato un 8-K emendato (Emendamento n. 1) fornendo ulteriori dettagli su un incidente di cybersecurity precedentemente segnalato. I principali risultati dell'indagine hanno rivelato:

  • Un attore minaccioso ha avuto accesso illecito ai sistemi IT dell'azienda ed ha esfiltrato dati limitati
  • L'azienda ha temporaneamente sospeso alcune operazioni di produzione e ha preso proattivamente offline i sistemi interessati
  • Tutte le operazioni di produzione e le applicazioni IT coinvolte sono state ripristinate
  • L'attore minaccioso non ha più accesso ai sistemi aziendali

L'azienda ha implementato misure immediate di contenimento, tra cui l'attivazione dei piani di risposta agli incidenti, il ripristino dei dati dai backup e il coinvolgimento di esperti esterni di cybersecurity. Nucor dichiara che l'incidente non ha avuto e non è ragionevolmente probabile che abbia un impatto significativo sulle operazioni aziendali, sulla situazione finanziaria o sui risultati operativi. L'azienda sta esaminando i dati interessati e notificherà le parti coinvolte e le autorità regolatorie come previsto dalla legge.

Nucor Corporation presentó un 8-K enmendado (Enmienda No. 1) proporcionando detalles adicionales sobre un incidente de ciberseguridad previamente reportado. Los hallazgos clave de la investigación revelaron:

  • Un actor malicioso accedió ilegalmente a los sistemas informáticos de la empresa y extrajo datos limitados
  • La empresa detuvo temporalmente ciertas operaciones de producción y desconectó proactivamente los sistemas afectados
  • Se han restaurado todas las operaciones de producción y aplicaciones informáticas afectadas
  • El actor malicioso ya no tiene acceso a los sistemas de la empresa

La empresa implementó medidas inmediatas de contención, incluyendo la activación de planes de respuesta a incidentes, restauración de datos desde copias de seguridad y la contratación de expertos externos en ciberseguridad. Nucor afirma que el incidente no ha tenido ni es razonablemente probable que tenga un impacto material en las operaciones comerciales, la condición financiera o los resultados operativos. La empresa está revisando los datos afectados y notificará a las partes afectadas y a las agencias regulatorias según lo requiera la ley.

Nucor Corporation는 이전에 보고된 사이버 보안 사고에 대한 추가 세부 정보를 제공하는 수정된 8-K(수정 번호 1)를 제출했습니다. 조사 결과 주요 내용은 다음과 같습니다:

  • 위협 행위자가 회사 IT 시스템에 불법적으로 접근하여 제한된 데이터를 탈취함
  • 회사는 일부 생산 운영을 일시 중단하고 영향을 받은 시스템을 사전 조치로 오프라인 상태로 전환함
  • 모든 영향을 받은 생산 운영 및 IT 애플리케이션이 복구됨
  • 위협 행위자는 더 이상 회사 시스템에 접근할 수 없음

회사는 즉각적인 대응 조치를 시행했으며, 여기에는 사고 대응 계획 활성화, 백업 데이터 복원, 외부 사이버 보안 전문가 참여가 포함됩니다. Nucor는 이번 사고가 사업 운영, 재무 상태 또는 운영 결과에 중대한 영향을 미치지 않았으며 합리적으로도 미칠 가능성이 없다고 밝혔습니다. 회사는 영향을 받은 데이터를 검토 중이며 법률에 따라 영향을 받은 당사자 및 규제 기관에 통지할 예정입니다.

Nucor Corporation a déposé un 8-K modifié (Amendement n° 1) fournissant des détails supplémentaires sur un incident de cybersécurité précédemment signalé. Les principales conclusions de l'enquête ont révélé :

  • Un acteur malveillant a accédé illégalement aux systèmes informatiques de l'entreprise et exfiltré des données limitées
  • L'entreprise a temporairement arrêté certaines opérations de production et a pris proactivement les systèmes affectés hors ligne
  • Toutes les opérations de production et applications informatiques affectées ont été restaurées
  • L'acteur malveillant n'a plus accès aux systèmes de l'entreprise

L'entreprise a mis en œuvre des mesures immédiates de confinement, notamment l'activation des plans de réponse aux incidents, la restauration des données à partir des sauvegardes et le recours à des experts externes en cybersécurité. Nucor déclare que l'incident n'a pas eu et n'est pas raisonnablement susceptible d'avoir un impact significatif sur les opérations commerciales, la situation financière ou les résultats d'exploitation. L'entreprise examine les données impactées et informera les parties concernées ainsi que les autorités réglementaires conformément à la loi.

Die Nucor Corporation hat einen geänderten 8-K-Bericht (Änderung Nr. 1) eingereicht, der zusätzliche Details zu einem zuvor gemeldeten Cybersecurity-Vorfall enthält. Die wichtigsten Erkenntnisse der Untersuchung zeigten:

  • Ein Bedrohungsakteur hat illegal auf die IT-Systeme des Unternehmens zugegriffen und begrenzte Daten entwendet
  • Das Unternehmen hat vorübergehend bestimmte Produktionsabläufe gestoppt und betroffene Systeme proaktiv offline genommen
  • Alle betroffenen Produktionsabläufe und IT-Anwendungen wurden wiederhergestellt
  • Der Bedrohungsakteur hat keinen Zugang mehr zu den Unternehmenssystemen

Das Unternehmen hat sofortige Eindämmungsmaßnahmen umgesetzt, darunter die Aktivierung von Incident-Response-Plänen, die Wiederherstellung von Daten aus Backups und die Einbeziehung externer Cybersecurity-Experten. Nucor erklärt, dass der Vorfall keinen wesentlichen Einfluss auf die Geschäftstätigkeit, die finanzielle Lage oder die Betriebsergebnisse hatte und vernünftigerweise auch nicht haben wird. Das Unternehmen überprüft die betroffenen Daten und wird betroffene Parteien sowie Aufsichtsbehörden gemäß den gesetzlichen Vorgaben informieren.

Positive
  • Company successfully restored affected production operations and IT systems following the cybersecurity incident
  • Management confirms the cybersecurity incident has not had and is not expected to have a material impact on business operations, financial condition, or results
Negative
  • Company experienced unauthorized system access with data exfiltration requiring temporary production halts at various facilities
  • Potential legal, reputational, and regulatory risks from the cybersecurity incident and possible future costs related to investigation and remediation

Nucor Corporation ha presentato un 8-K emendato (Emendamento n. 1) fornendo ulteriori dettagli su un incidente di cybersecurity precedentemente segnalato. I principali risultati dell'indagine hanno rivelato:

  • Un attore minaccioso ha avuto accesso illecito ai sistemi IT dell'azienda ed ha esfiltrato dati limitati
  • L'azienda ha temporaneamente sospeso alcune operazioni di produzione e ha preso proattivamente offline i sistemi interessati
  • Tutte le operazioni di produzione e le applicazioni IT coinvolte sono state ripristinate
  • L'attore minaccioso non ha più accesso ai sistemi aziendali

L'azienda ha implementato misure immediate di contenimento, tra cui l'attivazione dei piani di risposta agli incidenti, il ripristino dei dati dai backup e il coinvolgimento di esperti esterni di cybersecurity. Nucor dichiara che l'incidente non ha avuto e non è ragionevolmente probabile che abbia un impatto significativo sulle operazioni aziendali, sulla situazione finanziaria o sui risultati operativi. L'azienda sta esaminando i dati interessati e notificherà le parti coinvolte e le autorità regolatorie come previsto dalla legge.

Nucor Corporation presentó un 8-K enmendado (Enmienda No. 1) proporcionando detalles adicionales sobre un incidente de ciberseguridad previamente reportado. Los hallazgos clave de la investigación revelaron:

  • Un actor malicioso accedió ilegalmente a los sistemas informáticos de la empresa y extrajo datos limitados
  • La empresa detuvo temporalmente ciertas operaciones de producción y desconectó proactivamente los sistemas afectados
  • Se han restaurado todas las operaciones de producción y aplicaciones informáticas afectadas
  • El actor malicioso ya no tiene acceso a los sistemas de la empresa

La empresa implementó medidas inmediatas de contención, incluyendo la activación de planes de respuesta a incidentes, restauración de datos desde copias de seguridad y la contratación de expertos externos en ciberseguridad. Nucor afirma que el incidente no ha tenido ni es razonablemente probable que tenga un impacto material en las operaciones comerciales, la condición financiera o los resultados operativos. La empresa está revisando los datos afectados y notificará a las partes afectadas y a las agencias regulatorias según lo requiera la ley.

Nucor Corporation는 이전에 보고된 사이버 보안 사고에 대한 추가 세부 정보를 제공하는 수정된 8-K(수정 번호 1)를 제출했습니다. 조사 결과 주요 내용은 다음과 같습니다:

  • 위협 행위자가 회사 IT 시스템에 불법적으로 접근하여 제한된 데이터를 탈취함
  • 회사는 일부 생산 운영을 일시 중단하고 영향을 받은 시스템을 사전 조치로 오프라인 상태로 전환함
  • 모든 영향을 받은 생산 운영 및 IT 애플리케이션이 복구됨
  • 위협 행위자는 더 이상 회사 시스템에 접근할 수 없음

회사는 즉각적인 대응 조치를 시행했으며, 여기에는 사고 대응 계획 활성화, 백업 데이터 복원, 외부 사이버 보안 전문가 참여가 포함됩니다. Nucor는 이번 사고가 사업 운영, 재무 상태 또는 운영 결과에 중대한 영향을 미치지 않았으며 합리적으로도 미칠 가능성이 없다고 밝혔습니다. 회사는 영향을 받은 데이터를 검토 중이며 법률에 따라 영향을 받은 당사자 및 규제 기관에 통지할 예정입니다.

Nucor Corporation a déposé un 8-K modifié (Amendement n° 1) fournissant des détails supplémentaires sur un incident de cybersécurité précédemment signalé. Les principales conclusions de l'enquête ont révélé :

  • Un acteur malveillant a accédé illégalement aux systèmes informatiques de l'entreprise et exfiltré des données limitées
  • L'entreprise a temporairement arrêté certaines opérations de production et a pris proactivement les systèmes affectés hors ligne
  • Toutes les opérations de production et applications informatiques affectées ont été restaurées
  • L'acteur malveillant n'a plus accès aux systèmes de l'entreprise

L'entreprise a mis en œuvre des mesures immédiates de confinement, notamment l'activation des plans de réponse aux incidents, la restauration des données à partir des sauvegardes et le recours à des experts externes en cybersécurité. Nucor déclare que l'incident n'a pas eu et n'est pas raisonnablement susceptible d'avoir un impact significatif sur les opérations commerciales, la situation financière ou les résultats d'exploitation. L'entreprise examine les données impactées et informera les parties concernées ainsi que les autorités réglementaires conformément à la loi.

Die Nucor Corporation hat einen geänderten 8-K-Bericht (Änderung Nr. 1) eingereicht, der zusätzliche Details zu einem zuvor gemeldeten Cybersecurity-Vorfall enthält. Die wichtigsten Erkenntnisse der Untersuchung zeigten:

  • Ein Bedrohungsakteur hat illegal auf die IT-Systeme des Unternehmens zugegriffen und begrenzte Daten entwendet
  • Das Unternehmen hat vorübergehend bestimmte Produktionsabläufe gestoppt und betroffene Systeme proaktiv offline genommen
  • Alle betroffenen Produktionsabläufe und IT-Anwendungen wurden wiederhergestellt
  • Der Bedrohungsakteur hat keinen Zugang mehr zu den Unternehmenssystemen

Das Unternehmen hat sofortige Eindämmungsmaßnahmen umgesetzt, darunter die Aktivierung von Incident-Response-Plänen, die Wiederherstellung von Daten aus Backups und die Einbeziehung externer Cybersecurity-Experten. Nucor erklärt, dass der Vorfall keinen wesentlichen Einfluss auf die Geschäftstätigkeit, die finanzielle Lage oder die Betriebsergebnisse hatte und vernünftigerweise auch nicht haben wird. Das Unternehmen überprüft die betroffenen Daten und wird betroffene Parteien sowie Aufsichtsbehörden gemäß den gesetzlichen Vorgaben informieren.

true0000073309 0000073309 2025-05-13 2025-05-13
 
 
UNITED STATES
SECURITIES AND EXCHANGE COMMISSION
WASHINGTON, D.C. 20549
 
 
FORM
8-K/A
(Amendment No. 1)
 
 
CURRENT REPORT
Pursuant to Section 13 or 15(d)
of the Securities Exchange Act of 1934
Date of Report (Date of earliest event reported): May 13, 2025
 
 
NUCOR CORPORATION
(Exact name of Registrant as Specified in Its Charter)
 
 
 
Delaware
  
1-4119
  
13-1860817
(State or Other Jurisdiction
of Incorporation)
  
(Commission
File Number)
  
(IRS Employer
Identification No.)
1915 Rexford Road,
Charlotte, NC
  
28211
(Address of Principal Executive Offices)
  
(Zip Code)
Registrant’s Telephone Number, Including Area Code: (704)
366-7000
Not Applicable
(Former Name or Former Address, if Changed Since Last Report)
 
 
Check the appropriate box below if the Form
8-K
filing is intended to simultaneously satisfy the filing obligation of the registrant under any of the following provisions:
 
Written communications pursuant to Rule 425 under the Securities Act (17 CFR 230.425)
 
Soliciting material pursuant to Rule
14a-12
under the Exchange Act (17 CFR
240.14a-12)
 
Pre-commencement
communications pursuant to Rule
14d-2(b)
under the Exchange Act (17 CFR
240.14d-2(b))
 
Pre-commencement
communications pursuant to Rule
13e-4(c)
under the Exchange Act (17 CFR
240.13e-4(c))
Securities registered pursuant to Section 12(b) of the Act:
 
Title of each class
  
Trading
Symbol(s)
  
Name of each exchange
on which registered
Common Stock, par value $0.40 per share   NUE   New York Stock Exchange
Indicate by check mark whether the registrant is an emerging growth company as defined in Rule 405 of the Securities Act of 1933 (§ 230.405 of this chapter) or Rule
12b-2
of the Securities Exchange Act of 1934
(§ 240.12b-2
of this chapter).
Emerging growth company 
If an emerging growth company, indicate by check mark if the registrant has elected not to use the extended transition period for complying with any new or revised financial accounting standards provided pursuant to Section 13(a) of the Exchange Act. ☐
 
 
 
 
Explanatory Note
This Amendment No. 1 (this “Amendment”) to the Current Report on Form
8-K
filed by Nucor Corporation (the “Company”) on May 14, 2025 (the “Original Form
8-K”)
provides supplemental information under Item 1.05 regarding the cybersecurity incident disclosed on the Original Form
8-K,
and should be read in conjunction with the Original Form
8-K.
 
Item 1.05.
Material Cybersecurity Incidents.
As disclosed in the Original Form
8-K,
the Company recently experienced a cybersecurity incident affecting certain information technology systems used by the Company. The Company’s investigation revealed that a threat actor illegally accessed the Company’s information technology systems. The cybersecurity incident resulted in a temporary limitation of access to portions of the Company’s information technology applications supporting some aspects of the Company’s operations at some of the Company’s facilities, and as noted in the Original Form
8-K,
in an abundance of caution, the Company temporarily and proactively halted certain production operations at various locations. The Company’s investigation also determined that the threat actor exfiltrated limited data from the Company’s information technology systems. The Company is reviewing and evaluating the impacted data and will carry out any appropriate notifications to potentially affected parties and to regulatory agencies as required by applicable law.
Upon detecting the unauthorized access, the Company immediately took steps to contain, assess, and remediate the cybersecurity incident, including activating its incident response plan, proactively taking potentially affected systems offline, restoring affected data from backup systems, and implementing other containment, remediation, and recovery measures. The Company also engaged leading external cybersecurity experts to assist with its investigation and recovery efforts and notified federal law enforcement authorities.
Since the filing of the Original Form
8-K,
the affected production operations, and access to necessary affected information technology applications, have been restored, and the Company believes that the threat actor no longer has access to the Company’s information technology systems. As part of its remediation efforts, the Company worked with its outside cybersecurity experts to further reinforce its information technology systems and to prevent future unauthorized access.
The cybersecurity incident has not had a material impact, and is not reasonably likely to have a material impact, on the Company’s business operations, and has not had a material impact, and is not reasonably likely to have a material impact, on the Company’s financial condition or results of operations.
Forward-Looking Statements
Certain statements made in this report, or in other public filings, press releases, or other written or oral communications made by Nucor, which are not historical facts are forward-looking statements subject to the safe harbor provisions of the Private Securities Litigation Reform Act of 1995. These forward-looking statements involve risks and uncertainties which we expect will or may occur in the future and may impact our business, financial condition and results of operations. The words “anticipate,” “believe,” “expect,” “intend,” “project,” “may,” “will,” “should,” “could” and similar expressions are intended to identify those forward-looking statements. These forward-looking statements reflect the Company’s best judgment based on current information, and, although we base these statements on circumstances that we believe to be reasonable when made, there can be no assurance that future events will not affect the accuracy of such forward-looking information. As such, the forward-looking statements are not guarantees of future performance, and actual results may vary materially from the projected results and expectations discussed in this report. Factors that might cause the Company’s actual results to differ materially from those anticipated in forward-looking statements include, but are not limited to: the Company’s ongoing assessment of the impacts of the cybersecurity incident, including the Company’s potential discovery of additional information related to the incident in connection with its investigation or otherwise; the Company’s expectations regarding its ability to contain and remediate the cybersecurity incident; the impact of the cybersecurity incident on the Company’s relationships with customers, employees, and governmental regulators; the legal, reputational, and financial risks resulting from the cybersecurity incident, including as may arise from any potential regulatory inquiries and/or litigation to which the Company may become subject in connection with the incident; remediation and other additional costs that may be incurred by the Company in connection with the investigation and remediation of the incident; and the risks discussed in “Item 1A. Risk Factors” of the Company’s Annual Report on Form
10-K
for the year ended December 31, 2024, as may be supplemented by “Item 1A. Risk Factors” in the Company’s subsequent Quarterly Reports on Form
10-Q
and in the Company’s other periodic and current reports filed with the SEC.
 
1
SIGNATURES
Pursuant to the requirements of the Securities Exchange Act of 1934, the registrant has duly caused this report to be signed on its behalf by the undersigned hereunto duly authorized.
 
    NUCOR CORPORATION
Date: June 20, 2025     By:   /s/ Stephen D. Laxton
     
Stephen D. Laxton
     
Chief Financial Officer and Executive
Vice President
 
2

Source: View Original Filing on SEC EDGAR

FAQ

What type of cybersecurity incident did NUE experience in May 2025?

According to NUE's 8-K/A filing, the company experienced unauthorized access by a threat actor who illegally accessed their information technology systems. The incident resulted in temporary limitations to IT applications and led to proactive halting of certain production operations at various locations. The threat actor also exfiltrated limited data from the company's IT systems.

Has NUE resolved the May 2025 cybersecurity incident?

Yes, NUE has resolved the incident. The company reports that affected production operations and access to necessary IT applications have been restored. They have confirmed the threat actor no longer has access to their IT systems. The company worked with external cybersecurity experts to reinforce their IT systems and prevent future unauthorized access.

Will the 2025 cybersecurity incident have a material impact on NUE's financial performance?

According to the filing, the cybersecurity incident has not had and is not reasonably likely to have a material impact on NUE's business operations, financial condition, or results of operations.

What immediate actions did NUE take to address the cybersecurity breach in 2025?

NUE took several immediate actions including: 1) activating their incident response plan, 2) proactively taking potentially affected systems offline, 3) restoring affected data from backup systems, 4) implementing containment and recovery measures, 5) engaging leading external cybersecurity experts, and 6) notifying federal law enforcement authorities.

Is NUE required to notify anyone about the data breach from May 2025?

Yes, the filing states that NUE is reviewing and evaluating the impacted data and will carry out appropriate notifications to potentially affected parties and regulatory agencies as required by applicable law.
Stock NUE logo
Nucor

NYSE:NUE

NUE Rankings

#427 Ranked by Market Cap
#1575 Ranked by Dividends

NUE Latest News

Jun 18, 2025
Nucor Announces Guidance for the Second Quarter of 2025 Earnings
Jun 11, 2025
Nucor Remembers Dave Aycock, Former CEO and Chairman
Jun 10, 2025
Nucor Announces 209th Consecutive Cash Dividend
Apr 28, 2025
Nucor Reports Results for the First Quarter of 2025
Apr 24, 2025
Nucor Announces Promotion of Thomas J. Batterbee to Executive Vice President and Appointment of Elizabeth Bledsoe as President of Human Resources and Talent

NUE Latest SEC Filings

Jun 26, 2025
[144] Nucor Corporation SEC Filing
Jun 26, 2025
[Form 4] Nucor Corporation Insider Trading Activity
Jun 24, 2025
[144] Nucor Corporation SEC Filing

NUE Stock Data

28.68B
229.08M
0.53%
79.81%
1.92%
Steel
Steel Works, Blast Furnaces & Rolling Mills (coke Ovens)
Link
United States
CHARLOTTE