Nippon Steel Solutions Corporation (NSSOL) has confirmed a cybersecurity breach resulting from a zero-day vulnerability in its network devices, leading to unauthorized access to internal servers and a potential data leak.
The company detected suspicious activity on March 7, 2025, and immediately isolated the affected server from its network. With the assistance of external cybersecurity experts, NSSOL launched a comprehensive investigation, which revealed that a third party had gained unauthorized access to sensitive internal data.
“After detecting the unauthorized access, we promptly took measures such as restricting access from outside, and cooperated with external specialist agencies to investigate the intrusion route, the scope of the impact, and the cause analysis, while also working with business partners to take the necessary measures,” the company noted.
According to NSSOL, the compromised information may include names, company affiliations, job titles, physical addresses, business email addresses, and phone numbers of customers, business partners, and employees. The company said that cloud services provided to customers remain unaffected.
NSSOL has not disclosed the specific vulnerability or attackers involved but confirmed the breach was the result of a zero-day exploit targeting its network equipment. The company continues to assess the full scope of the incident and has reported it to the relevant authorities.
