Short circuit: Electronics supplier to tech giants suffers ransomware shutdown

#### [Cyber-crime](/security/cyber_crime/)Short circuit: Electronics supplier to tech giants suffers ransomware shutdown==============================================================================Amazon, Apple, Google, and Microsoft among major customers———————————————————-[Jessica Lyons](/Author/Jessica-Lyons ‘Read more by this author’) Fri 22 Aug 2025 // 21:07 UTC [](https://www.reddit.com/submit?url=https://www.theregister.com/2025/08/22/data_io_ransomware_attack_temporarily/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dreddit&title=Short%20circuit%3a%20Electronics%20supplier%20to%20tech%20giants%20suffers%20ransomware%20shutdown) [](https://twitter.com/intent/tweet?text=Short%20circuit%3a%20Electronics%20supplier%20to%20tech%20giants%20suffers%20ransomware%20shutdown&url=https://www.theregister.com/2025/08/22/data_io_ransomware_attack_temporarily/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dtwitter&via=theregister) [](https://www.facebook.com/dialog/feed?app_id=1404095453459035&display=popup&link=https://www.theregister.com/2025/08/22/data_io_ransomware_attack_temporarily/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dfacebook) [](https://www.linkedin.com/shareArticle?mini=true&url=https://www.theregister.com/2025/08/22/data_io_ransomware_attack_temporarily/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dlinkedin&title=Short%20circuit%3a%20Electronics%20supplier%20to%20tech%20giants%20suffers%20ransomware%20shutdown&summary=Amazon%2c%20Apple%2c%20Google%2c%20and%20Microsoft%20among%20major%20customers) [](https://api.whatsapp.com/send?text=https://www.theregister.com/2025/08/22/data_io_ransomware_attack_temporarily/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dwhatsapp) Data I/O, a major electronics manufacturer whose customers include Amazon, Apple, Google, and Microsoft, notified federal regulators that it fell victim to a ransomware infection on August 16 that continues to disrupt its business operations.’The Company is working diligently to restore the affected systems,’ the manufacturer said in a [Form 8-K](https://www.sec.gov/ix?doc=/Archives/edgar/data/0000351998/000165495425009925/daio_8k.htm) filed with the US Securities and Exchange Commission yesterday.The ransomware attack ‘temporarily impacted the Company’s operations, including internal/external communications, shipping, receiving, manufacturing production, and various other support functions,’ it continued. Data I/O also claims that, while it has restored some of its functions, others remain offline, with no timetable for a fix. An investigation is ongoing. ![](https://pubads.g.doubleclick.net/gampad/ad?co=1&iu=/6978/reg_security/cybercrime&sz=300×50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2aKmRiIe4zh5Wk6bfViUMoQAAAMo&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0)The company did not immediately respond to *The Register*’s inquiries about the breach, including if criminals stole customers’ data during the intrusion. At press time, none of the usual suspects had claimed responsibility for the ransomware attack and Data I/O has not been listed on any data leak sites. ![](https://pubads.g.doubleclick.net/gampad/ad?co=1&iu=/6978/reg_security/cybercrime&sz=300×50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aKmRiIe4zh5Wk6bfViUMoQAAAMo&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0)According to the SEC filing, the ransomware locked up some of the company’s internal IT systems, and upon discovering the malware, Data I/O ‘promptly activated its response protocols, took steps to secure its global IT systems and implemented containment measures, including proactively taking certain platforms offline and implementing other mitigation measures.’The company also said it hired cybersecurity experts to support its recovery process and conduct an investigation into the ransomware attack. ![](https://pubads.g.doubleclick.net/gampad/ad?co=1&iu=/6978/reg_security/cybercrime&sz=300×50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aKmRiIe4zh5Wk6bfViUMoQAAAMo&t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0)In addition to technology firms, Data I/O counts major automotive and industrial companies as its customers.’Leading global automotive companies trust Data I/O’s systems to correctly program engine instrument clusters, control units, and braking systems,’ the company’s [website states](https://www.dataio.com/Company/About-Data-I-O). ‘Top industrial controls and internet-of-things manufacturers use Data I/O’s solutions to embed firmware and secrets into their products to ensure they are secured and boot-up during manufacturing.’* [Ransomware scum and other crims bilked victims out of a ‘staggering’ $16.6B last year, says FBI](https://www.theregister.com/2025/04/24/ransomware_scum_and_other_crims/)* [Malware variants that target operational tech systems are very rare — but 2 were found last year](https://www.theregister.com/2025/02/25/new_ics_malware_dragos/)* [Kidney dialysis giant DaVita tells 2.4M people they were snared in ransomware data theft nightmare](https://www.theregister.com/2025/08/22/davita_ransomware_infection/)* [Ransomware crews don’t care about your endpoint security — they’ve already killed it](https://www.theregister.com/2025/08/14/edr_killers_ransomware/)In other words, Data I/O is a very attractive target for extortionists looking to steal sensitive data and demand a hefty ransomware for its return, while also threatening to leak secrets.According to operational tech security shop Dragos’ most recent year-in-review report, [ransomware skyrocketed](https://www.theregister.com/2025/02/25/new_ics_malware_dragos/) among industrial organizations last year, increasing 87 percent year-on-year for a total of 1,693 infections in 2024. Of these, 25 percent involved a full shutdown while 75 percent disrupted operations to some degree.This echoes a similar finding by the FBI Internet Crime Complaint Center (IC3), which reported that [ransomware posed the biggest threat](https://www.theregister.com/2025/04/24/ransomware_scum_and_other_crims/) to critical infrastructure organizations in 2024, with the number of complaints to the IC3 increasing nine percent compared to the previous year.In total, this sector reported almost 4,900 cybersecurity threats in 2024, with ransomware (1,403 complaints) topping the list. The five most reported ransomware variants were Akira, LockBit, RansomHub, Fog, and PLAY. ® **Get our** [Tech Resources](https://whitepapers.theregister.com/) Share [](https://www.reddit.com/submit?url=https://www.theregister.com/2025/08/22/data_io_ransomware_attack_temporarily/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dreddit&title=Short%20circuit%3a%20Electronics%20supplier%20to%20tech%20giants%20suffers%20ransomware%20shutdown) [](https://twitter.com/intent/tweet?text=Short%20circuit%3a%20Electronics%20supplier%20to%20tech%20giants%20suffers%20ransomware%20shutdown&url=https://www.theregister.com/2025/08/22/data_io_ransomware_attack_temporarily/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dtwitter&via=theregister) [](https://www.facebook.com/dialog/feed?app_id=1404095453459035&display=popup&link=https://www.theregister.com/2025/08/22/data_io_ransomware_attack_temporarily/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dfacebook) [](https://www.linkedin.com/shareArticle?mini=true&url=https://www.theregister.com/2025/08/22/data_io_ransomware_attack_temporarily/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dlinkedin&title=Short%20circuit%3a%20Electronics%20supplier%20to%20tech%20giants%20suffers%20ransomware%20shutdown&summary=Amazon%2c%20Apple%2c%20Google%2c%20and%20Microsoft%20among%20major%20customers) [](https://api.whatsapp.com/send?text=https://www.theregister.com/2025/08/22/data_io_ransomware_attack_temporarily/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dwhatsapp) #### More about* [Cybercrime](/Tag/Cybercrime/)* [Ransomware](/Tag/Ransomware/)* [Security](/Tag/Security/) More like these × ### More about* [Cybercrime](/Tag/Cybercrime/)* [Ransomware](/Tag/Ransomware/)* [Security](/Tag/Security/) ### Narrower topics* [2FA](/Tag/2FA/)* [Advanced persistent threat](/Tag/Advanced%20persistent%20threat/)* [Application Delivery Controller](/Tag/Application%20Delivery%20Controller/)* [Authentication](/Tag/Authentication/)* [BEC](/Tag/BEC/)* [Black Hat](/Tag/Black%20Hat/)* [BSides](/Tag/BSides/)* [Bug Bounty](/Tag/Bug%20Bounty/)* [CHERI](/Tag/CHERI/)* [CISO](/Tag/CISO/)* [Common Vulnerability Scoring System](/Tag/Common%20Vulnerability%20Scoring%20System/)* [Cybersecurity](/Tag/Cybersecurity/)* [Cybersecurity and Infrastructure Security Agency](/Tag/Cybersecurity%20and%20Infrastructure%20Security%20Agency/)* [Cybersecurity Information Sharing Act](/Tag/Cybersecurity%20Information%20Sharing%20Act/)* [Data Breach](/Tag/Data%20Breach/)* [Data Protection](/Tag/Data%20Protection/)* [Data Theft](/Tag/Data%20Theft/)* [DDoS](/Tag/DDoS/)* [DEF CON](/Tag/DEF%20CON/)* [Digital certificate](/Tag/Digital%20certificate/)* [Encryption](/Tag/Encryption/)* [End Point Protection](/Tag/End%20Point%20Protection/)* [Exploit](/Tag/Exploit/)* [Firewall](/Tag/Firewall/)* [Hacker](/Tag/Hacker/)* [Hacking](/Tag/Hacking/)* [Hacktivism](/Tag/Hacktivism/)* [Identity Theft](/Tag/Identity%20Theft/)* [Incident response](/Tag/Incident%20response/)* [Infosec](/Tag/Infosec/)* [Infrastructure Security](/Tag/Infrastructure%20Security/)* [Kenna Security](/Tag/Kenna%20Security/)* [NCSAM](/Tag/NCSAM/)* [NCSC](/Tag/NCSC/)* [Palo Alto Networks](/Tag/Palo%20Alto%20Networks/)* [Password](/Tag/Password/)* [Personally Identifiable Information](/Tag/Personally%20Identifiable%20Information/)* [Phishing](/Tag/Phishing/)* [Quantum key distribution](/Tag/Quantum%20key%20distribution/)* [Remote Access Trojan](/Tag/Remote%20Access%20Trojan/)* [REvil](/Tag/REvil/)* [RSA Conference](/Tag/RSA%20Conference/)* [Spamming](/Tag/Spamming/)* [Spyware](/Tag/Spyware/)* [Surveillance](/Tag/Surveillance/)* [TLS](/Tag/TLS/)* [Trojan](/Tag/Trojan/)* [Trusted Platform Module](/Tag/Trusted%20Platform%20Module/)* [Vulnerability](/Tag/Vulnerability/)* [Wannacry](/Tag/Wannacry/)* [Zero trust](/Tag/Zero%20trust/) #### More aboutShare [](https://www.reddit.com/submit?url=https://www.theregister.com/2025/08/22/data_io_ransomware_attack_temporarily/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dreddit&title=Short%20circuit%3a%20Electronics%20supplier%20to%20tech%20giants%20suffers%20ransomware%20shutdown) [](https://twitter.com/intent/tweet?text=Short%20circuit%3a%20Electronics%20supplier%20to%20tech%20giants%20suffers%20ransomware%20shutdown&url=https://www.theregister.com/2025/08/22/data_io_ransomware_attack_temporarily/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dtwitter&via=theregister) [](https://www.facebook.com/dialog/feed?app_id=1404095453459035&display=popup&link=https://www.theregister.com/2025/08/22/data_io_ransomware_attack_temporarily/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dfacebook) [](https://www.linkedin.com/shareArticle?mini=true&url=https://www.theregister.com/2025/08/22/data_io_ransomware_attack_temporarily/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dlinkedin&title=Short%20circuit%3a%20Electronics%20supplier%20to%20tech%20giants%20suffers%20ransomware%20shutdown&summary=Amazon%2c%20Apple%2c%20Google%2c%20and%20Microsoft%20among%20major%20customers) [](https://api.whatsapp.com/send?text=https://www.theregister.com/2025/08/22/data_io_ransomware_attack_temporarily/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dwhatsapp) POST A COMMENT #### More about* [Cybercrime](/Tag/Cybercrime/)* [Ransomware](/Tag/Ransomware/)* [Security](/Tag/Security/) More like these × ### More about* [Cybercrime](/Tag/Cybercrime/)* [Ransomware](/Tag/Ransomware/)* [Security](/Tag/Security/) ### Narrower topics* [2FA](/Tag/2FA/)* [Advanced persistent threat](/Tag/Advanced%20persistent%20threat/)* [Application Delivery Controller](/Tag/Application%20Delivery%20Controller/)* [Authentication](/Tag/Authentication/)* [BEC](/Tag/BEC/)* [Black Hat](/Tag/Black%20Hat/)* [BSides](/Tag/BSides/)* [Bug Bounty](/Tag/Bug%20Bounty/)* [CHERI](/Tag/CHERI/)* [CISO](/Tag/CISO/)* [Common Vulnerability Scoring System](/Tag/Common%20Vulnerability%20Scoring%20System/)* [Cybersecurity](/Tag/Cybersecurity/)* [Cybersecurity and Infrastructure Security Agency](/Tag/Cybersecurity%20and%20Infrastructure%20Security%20Agency/)* [Cybersecurity Information Sharing Act](/Tag/Cybersecurity%20Information%20Sharing%20Act/)* [Data Breach](/Tag/Data%20Breach/)* [Data Protection](/Tag/Data%20Protection/)* [Data Theft](/Tag/Data%20Theft/)* [DDoS](/Tag/DDoS/)* [DEF CON](/Tag/DEF%20CON/)* [Digital certificate](/Tag/Digital%20certificate/)* [Encryption](/Tag/Encryption/)* [End Point Protection](/Tag/End%20Point%20Protection/)* [Exploit](/Tag/Exploit/)* [Firewall](/Tag/Firewall/)* [Hacker](/Tag/Hacker/)* [Hacking](/Tag/Hacking/)* [Hacktivism](/Tag/Hacktivism/)* [Identity Theft](/Tag/Identity%20Theft/)* [Incident response](/Tag/Incident%20response/)* [Infosec](/Tag/Infosec/)* [Infrastructure Security](/Tag/Infrastructure%20Security/)* [Kenna Security](/Tag/Kenna%20Security/)* [NCSAM](/Tag/NCSAM/)* [NCSC](/Tag/NCSC/)* [Palo Alto Networks](/Tag/Palo%20Alto%20Networks/)* [Password](/Tag/Password/)* [Personally Identifiable Information](/Tag/Personally%20Identifiable%20Information/)* [Phishing](/Tag/Phishing/)* [Quantum key distribution](/Tag/Quantum%20key%20distribution/)* [Remote Access Trojan](/Tag/Remote%20Access%20Trojan/)* [REvil](/Tag/REvil/)* [RSA Conference](/Tag/RSA%20Conference/)* [Spamming](/Tag/Spamming/)* [Spyware](/Tag/Spyware/)* [Surveillance](/Tag/Surveillance/)* [TLS](/Tag/TLS/)* [Trojan](/Tag/Trojan/)* [Trusted Platform Module](/Tag/Trusted%20Platform%20Module/)* [Vulnerability](/Tag/Vulnerability/)* [Wannacry](/Tag/Wannacry/)* [Zero trust](/Tag/Zero%20trust/) #### TIP US OFF[Send us news](https://www.theregister.com/Profile/contact/)[#### Ransomware crews don’t care about your endpoint security — they’ve already killed itSome custom malware, some legit software toolsCyber-crime8 days -| 24](/2025/08/14/edr_killers_ransomware/?td=keepreading) [#### Kidney dialysis giant DaVita tells 2.4M people they were snared in ransomware data theft nightmareHealth details, tax ID numbers, even images of checks were stolen, reportedly by the Interlock gangCyber-crime15 hrs -| 3](/2025/08/22/davita_ransomware_infection/?td=keepreading) [#### Oh, great.Three notorious cybercrime gangs appear to be collaboratingScattered Spider, ShinyHunters, and Lapsus$ spent the weekend bragging to each other on a Telegram channelCyber-crime11 days -| 1](/2025/08/12/scattered_spidershinyhunterslapsus_cybercrime_collab/?td=keepreading) [#### Could agentic AI save us from the cybercrisis?Many hands make light work in the SOCSponsored feature](/2025/08/07/could_agentic_ai_save/?td=keepreading) [#### Manpower franchise discloses data theft after RansomHub posts alleged stolen dataAnd yes, there’s the usual credit monitoringCyber-crime11 days -| 4](/2025/08/12/manpower_franchise_data_breach/?td=keepreading) [#### SonicWall investigates ‘cyber incidents,’ including ransomware targeting suspected 0-dayBypassing MFA and deploying ransomware…sounds like something that rhymes with ‘schmero-day’Cyber-crime19 days -| 1](/2025/08/04/sonicwall_investigates_cyber_incidents/?td=keepreading) [#### ‘Impersonation as a service’ the next big thing in cybercrimeUnderground forums now recruiting English-speaking social engineersCyber-crime1 day -|](/2025/08/21/impersonation_as_a_service/?td=keepreading) [#### FBI: Russian spies exploiting a 7-year-old Cisco bug to slurp configs from critical infrastructureSnarfing up config files for ‘thousands’ of devices…just for giggles, we’re sureCyber-crime3 days -| 10](/2025/08/20/russian_fsb_cyberspies_exploiting_cisco_bug/?td=keepreading) [#### Typhoon-adjacent Chinese crew broke into Taiwanese web hostIs that a JuicyPotato on your network?Cyber-crime8 days -|](/2025/08/15/typhoonadjacent_chinese_crew_taiwan_web_servers/?td=keepreading) [#### Fortinet discloses critical bug with working exploit code amid surge in brute-force attemptsIf there’s smoke?Patches10 days -| 10](/2025/08/13/fortinet_discloses_critical_bug/?td=keepreading) [#### Russia’s RomCom among those exploiting a WinRAR 0-day in highly-targeted attacksA few weeks earlier ‘zeroplayer’ advertised an $80K WinRAR 0-day exploitCyber-crime12 days -| 4](/2025/08/11/russias_romcom_among_those_exploiting/?td=keepreading) [#### Psst: wanna buy a legit FBI email account for $40?Government and police employee credentials sold at bargain-basement prices on underground forumsCyber-crime9 days -| 6](/2025/08/14/fbi_email_accounts_for_sale/?td=keepreading)

Related Tags:
RansomHub

Strawberry Tempest

Storm-0875

Octo Tempest

GOLD SAHARA

Akira

PUNK SPIDER

NAICS: 54 – Professional

Scientific

Technical Services

NAICS: 334 – Computer And Electronic Product Manufacturing

Associated Indicators:

Threat Intel Solutions

Short circuit: Electronics supplier to tech giants suffers ransomware shutdown

Search

Popular Posts

Dangerous runC flaws could allow hackers to escape Docker containers

Lost iPhone? Don’t fall for phishing texts saying it was found

NAKIVO Introduces v11.1 with Upgraded Disaster Recovery and MSP Features

Categories

Pages

Archives

Tags

Follow Us