Cyber Incident Victim: International Paper

International Paper's Riegelwood Mill in North Carolina experienced a cyberattack targeting its operating systems late in the week preceding February 1, 2024. The company confirmed the incident through spokesperson Kimberly Clewis, who stated the attack prompted an immediate operational shutdown to contain the threat. Mill personnel identified the cybersecurity event and activated pre-established response protocols, prioritizing physical safety and environmental safeguards. No injuries to workers or ecological damage resulted from the incident. The disruption halted production processes at the facility, though the company did not disclose specific operational timelines or quantify output losses. International Paper notified relevant external authorities about the breach but did not identify which agencies received the alert.

Containment measures began immediately after detection, with technical teams isolating affected systems to prevent further network compromise. The company engaged third-party cybersecurity experts to assist forensic investigations and system restoration efforts, though the nature of the attack and identity of threat actors remained undisclosed. By February 1, International Paper had initiated the controlled restart of mill operations, indicating partial recovery of operational technology systems. The spokesperson emphasized employee vigilance in detecting the incident and executing emergency protocols but provided no details about residual vulnerabilities or long-term mitigation strategies. Restoration activities continued with no publicized completion timeline or disclosure of data compromise.