Simpson Manufacturing Co., Inc., a prominent American building and structural materials producer, has faced a cybersecurity incident leading to a temporary shutdown of its IT systems. The company, known for its role as one of North America’s leading producers of structural connectors and anchors, disclosed the incident through a SEC 8-K filing.
The disruption was initially detected on Tuesday, October 10, 2023, when the company noticed IT problems and application outages. A subsequent investigation revealed that a cyberattack was the root cause of the disruptions. In response, Simpson Manufacturing proactively took all impacted systems offline to prevent further spread of the attack.
The company released a statement regarding the incident, saying, “On October 10, 2023, Simpson Manufacturing Co., Inc. experienced disruptions in its Information Technology (IT) infrastructure and applications resulting from a cybersecurity incident. After becoming aware of the malicious activity, the Company began taking steps to stop and remediate the activity, including taking certain systems offline.”
The ongoing remediation process is anticipated to take some time, and as a consequence, business operations remain paused. The extent of the disruption suggests the possibility of a ransomware attack, a complex threat that often involves data encryption, rendering key systems and applications unusable.
Simpson Manufacturing, with an annual net sales figure of $2.12 billion in 2022 and a workforce of 5,150 employees, operates as a leader in the building and structural materials industry. The company runs seven laboratories for testing new designs and materials and holds an impressive portfolio of over two thousand patents and trademarks.
While the specific nature of the cybersecurity incident is yet to be determined, the company has not identified any ransomware groups claiming responsibility for the attack. Simpson Manufacturing has engaged leading third-party experts to assist in the investigation and recovery efforts, although both are currently in the initial stages.
Despite the announcement of the cyberattack and the resulting suspension of business operations, the incident has not had a negative impact on the company’s stock trading performance as of now.