Cooper Steel Fabricators

Cooper Steel Fabricators, a prominent U.S.-based structural steel fabricator serving high-profile clients like Amazon, suffered a significant data breach. A threat actor claimed responsibility for infiltrating the company’s systems and exfiltrating a **complete mirror (330 GB)** of its **FTP server**, which likely contained proprietary corporate data, client contracts, engineering blueprints, financial records, and operational documents. The attacker demanded a **ransom of $28,500 in cryptocurrency** in exchange for the stolen data, posing severe risks to the company’s intellectual property, competitive advantage, and client trust.The breach exposes Cooper Steel to potential **legal liabilities**, **reputational damage**, and **operational disruptions**, particularly if sensitive client data (e.g., Amazon’s project details) was compromised. The theft of **trade secrets, patents, or proprietary fabrication techniques** could undermine the company’s market position, while the public disclosure of the breach may erode customer confidence. If the data includes **employee or customer personally identifiable information (PII)**, regulatory penalties (e.g., under GDPR or state laws) could further compound financial losses. The attacker’s possession of a **full data mirror** also raises concerns about **future extortion attempts**, supply chain attacks, or the sale of stolen data on dark web marketplaces.

Source: https://www.scworld.com/brief/purported-1-2b-facebook-record-leak-questioned

TPRM report: https://www.rankiteo.com/company/cooper-steel-usa

"id": "coo3281632113025",
"linkid": "cooper-steel-usa",
"type": "Breach",
"date": "5/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"

{'affected_entities': [{'industry': 'structural steel fabrication',
                        'location': 'United States',
                        'name': 'Cooper Steel Fabricators',
                        'type': 'private company'}],
 'data_breach': {'data_exfiltration': True,
                 'type_of_data_compromised': 'FTP server data (330 GB)'},
 'date_publicly_disclosed': '2025-11-25',
 'description': 'Cooper Steel Fabricators, a leading U.S. structural steel '
                'fabricator with clients including Amazon, was breached by a '
                "threat actor. The attacker offered a 'complete mirror' of the "
                "firm's FTP server containing 330 GB of data in exchange for "
                '$28,500 in cryptocurrency.',
 'impact': {'brand_reputation_impact': 'potential (due to public disclosure of '
                                       'breach and extortion)',
            'data_compromised': '330 GB (FTP server data)',
            'systems_affected': ['FTP server']},
 'motivation': 'financial gain',
 'ransomware': {'data_exfiltration': True,
                'ransom_demanded': '$28,500 (in cryptocurrency)'},
 'references': [{'date_accessed': '2025-11-25', 'source': 'Cybernews'}],
 'title': 'Cooper Steel Fabricators Data Breach and Extortion Attempt',
 'type': ['data breach', 'extortion']}

Cooper Steel Fabricators

FullBeauty Brands, Inc., CUUP, ELOQUII and Jessica London: FullBeauty Brands Data Breach Investigation

OCHIN Inc. and Baltimore City Health Department: Baltimore City Health Department investigating data breach involving third-party system

Waltio: French Authorities Investigate Data Breach Affecting Crypto Tax Platform