BlueScope has confirmed that its IT systems have been “affected by a cyber incident”, which it said was detected in one of its US businesses.

iTnews reported exclusively yesterday that BlueScope’s production systems were halted company-wide in the early hours of Thursday morning, with the cause believed to be a ransomware infection.
Chief financial officer Tania Archibald said in a regulatory filing that “the cyber incident was detected in one of the Company’s US businesses and the company had acted promptly to respond to the incident.”
“In the affected areas the company has reverted to manual operations where possible while it fully assesses the impact and remediates as required, in order to return to normal operations as quickly as possible,” Archibald said.
“We are taking this event extremely seriously.
“Our people are working diligently to protect and restore our systems, and we are working with external providers to assist us.
“Our focus remains on being able to service our customers and to maintain safe and reliable operations.”
BlueScope still did not publicly clarify the nature of the cyber incident and said it would “provide a further update in due course, as appropriate.”
iTnews reported yesterday that the company’s Port Kembla furnace has switched to manual operations in response, while what BlueScope calls its “service centres” - factories that produce end products like Colorbond steel - were still operating.
It is believed that one or more employees opened contaminated email attachments, leading to a malware infection. The extent of any infection, however, remains unclear.