---
schema_version: "secwatch.filing_event.v1"
accession: "0001193125-25-143135"
form_type: "8-K/A"
ticker: "NUE"
cik: "0000073309"
company_name: "NUCOR CORP"
filed_at: "2025-06-20T23:59:59+00:00"
generated_at: "2026-05-19T02:09:51.925888+00:00"
event_type: "cyber"
sentiment: "negative"
materiality_score: 0.45
calibrated_materiality_score: 0.45
confidence: "high"
source: SEC EDGAR
---

# Nucor updates on May 2025 cyber incident; operations restored, no material impact

## Summary
- Threat actor illegally accessed IT systems; limited data exfiltrated; access temporarily restricted to some applications.
- Production at various facilities proactively halted as precaution; operations since restored.
- Company believes incident not material to business, financial condition, or results; no material impact expected.
- Remediation included incident response activation, system shutdown, backup restoration, external experts, and law enforcement notification.

## SEC filing metadata
- accession: 0001193125-25-143135
- form_type: 8-K/A
- ticker: NUE
- cik: 0000073309
- company_name: NUCOR CORP
- filed_at: 2025-06-20T23:59:59+00:00
- event_type: cyber
- sentiment: negative
- materiality_score: 0.45
- calibrated_materiality_score: 0.45
- confidence: high
- sec_items: 1.05
- EDGAR index: https://www.sec.gov/Archives/edgar/data/73309/000119312525143135/0001193125-25-143135-index.htm
- EDGAR primary document: https://www.sec.gov/Archives/edgar/data/73309/000119312525143135/d926586d8ka.htm

## Machine-readable alternates
- HTML: https://secwatch.observer/filing/0001193125-25-143135
- JSON: https://secwatch.observer/filing/0001193125-25-143135.json
- Plain text: https://secwatch.observer/filing/0001193125-25-143135.txt

## Key facts
- Cybersecurity Incidents
  NUCOR CORP disclosed a cybersecurity incident: A threat actor illegally accessed the Company's information technology systems, exfiltrated limited data, and caused temporary limitations to access of applications supporting some operations. Impact: The incident has not had and is not reasonably likely to have a material impact on business operations, financial condition, or results of operations. Company determined it not material.
  - Nature: A threat actor illegally accessed the Company's information technology systems, exfiltrated limited data, and caused temporary limitations to access of applications supporting some operations
  - Impact: The incident has not had and is not reasonably likely to have a material impact on business operations, financial condition, or results of operations
  - Materiality: not material
  source text: The cybersecurity incident has not had a material impact, and is not reasonably likely to have a material impact, on the Company’s business operations, and has not had a material impact, and is not reasonably likely to have a material impact, on the Company’s financial condition or results of operations.
  evidence_url: https://www.sec.gov/Archives/edgar/data/73309/000119312525143135/0001193125-25-143135-index.htm

This AI-assisted summary is a reading aid. Review the linked SEC EDGAR filing before relying on any specific claim.