Nippon Steel, the world’s fourth largest crude steel producer, has reportedly fallen victim to a ransomware attack orchestrated by the BianLian ransomware group. The attack has placed the steel manufacturing giant in the spotlight once again, following an already tumultuous start to 2025.
BianLian Claims to Have Stolen 500 GB of Data
On February 13, 2025, the ransomware group listed Nippon Steel on its dark web leak site, claiming to have stolen 500 GB of sensitive data from the company’s US division networks. The Tokyo-headquartered steel giant, Japan’s largest, operates in over a dozen countries across Asia, the Americas, Europe, the Middle East, and Africa.
With over 113,000 employees worldwide and an annual revenue of 8.78 trillion Japanese Yen (~$57.5 billion), Nippon Steel is a key player in the global steel industry. According to BianLian’s claims, the stolen data includes:
- Accounting records
- Client financial and personal data
- Network users’ personal folders
- Files from management PCs
- Fileserver data and Production data
Additionally, the ransomware group reportedly leaked personal contact details—including direct phone numbers and business email addresses—of Nippon Steel’s top executives, including CEO and Chairman Eiji Hashimoto and President Hiroshi Moto.
Ransomware Attack Comes Amid Nippon’s US Steel Merger Controversy
The timing of the cyberattack couldn’t be worse for Nippon Steel. The company has been making headlines due to its proposed $15 billion merger with US Steel, which was blocked by US President Joe Biden in January 2025 amid antitrust concerns and national security debates.
Following the block, Nippon Steel announced on January 7 that it was suing the Biden administration, accusing it of “illegally” halting the deal for political reasons. Now, the emergence of this ransomware attack raises concerns about potential espionage or retaliation.
BianLian’s Listing Disappears from the Dark Web
The ransomware attack was first detected by RansomLook, an open-source ransomware tracking tool. Initially, BianLian listed Nippon Steel under its manufacturing victims and even shared a data sample detailing aspects of the US Steel merger.
While visiting BianLian’s dark web leak site on February 16, Nippon Steel’s name was mysteriously absent. In its original post, BianLian had promised to release the stolen data “block by block,” hinting at further developments.
Could Trump’s Comments on the US Steel Deal Be a Factor?
As legal battles rage, the potential merger between Nippon Steel and US Steel remains uncertain. However, the situation took an interesting turn after former US President Donald Trump, who returned to office on January 20, suggested that Nippon Steel could still take a minority stake in US Steel.
Trump’s comments on February 7 reportedly caught both companies off guard, sending stock prices tumbling. Despite the controversy, Nippon Steel announced on February 16 that it would propose an alternative deal, signaling ongoing negotiations.
What’s Next for Nippon Steel?
With cybersecurity concerns mounting and the US Steel merger hanging in the balance, Nippon Steel faces a critical juncture. Whether BianLian will ultimately release the stolen data remains uncertain, but this incident highlights the increasing vulnerability of global corporations to ransomware attacks.
As this story develops, industry leaders and cybersecurity experts will be closely monitoring both Nippon Steel’s response and the potential implications for international trade and security.
Stay tuned for further updates on this evolving situation.