Cyber Incident Victim: BlueScope

BlueScope Steel Limited publicly disclosed a cybersecurity incident affecting its Australian operations in a statement to the Australian Securities Exchange on May 15, 2020. The company detected the incident within one of its United States business units, according to Chief Financial Officer Tania Archibald, who emphasized the organization's prompt response measures. The cyber event disrupted portions of BlueScope's Australian manufacturing and sales operations, forcing the temporary suspension of certain automated processes. While specific technical details about the attack vector or perpetrator were not disclosed, the incident necessitated operational adjustments across affected business units. Steel dispatch operations continued through manual workarounds despite system disruptions, maintaining partial functionality during the crisis.

The company implemented contingency plans by reverting to manual operations where feasible while conducting comprehensive impact assessments and remediation efforts. BlueScope's North Star (US), Asian, and New Zealand operations experienced only minor disruptions, indicating the incident primarily affected Australian infrastructure. Executive leadership characterized the event as requiring serious attention, with personnel working extensively alongside external cybersecurity providers to restore systems and safeguard operations. Operational priorities focused on maintaining customer service capabilities and ensuring safety protocols remained intact throughout the disruption. Historical context revealed BlueScope had previously experienced collateral damage from the WannaCry ransomware outbreak, though company officials differentiated that prior incident as untargeted compared to their general preparedness posture. No explicit connection was made between the 2020 incident and ransomware demands, nor were data breach specifics or financial impacts quantified in the public disclosure.