Data I/O Corporation, a leading provider of programming and security deployment solutions for electronics manufacturers, recently experienced a significant ransomware attack that has disrupted its operations. The Redmond, Washington-based company specializes in designing and manufacturing systems for programming flash memory-based devices, including microcontrollers and secure element devices. Their clientele includes major corporations such as Bosch, Amazon, Apple, Google, HP, Microsoft, Siemens, Philips, Sony, and Foxconn.
On August 16, 2025, Data I/O detected unauthorized access to its IT systems, which was later identified as a ransomware attack. In response, the company promptly activated its incident response protocols, taking certain platforms offline to contain the intrusion. This proactive measure led to disruptions in various functions, including internal and external communications, shipping, manufacturing production, and other support operations.
In a Form 8-K filed with the U.S. Securities and Exchange Commission (SEC) on August 21, Data I/O disclosed the incident, stating that it had engaged external cybersecurity experts to assist with the investigation and recovery process. The company emphasized its commitment to restoring affected systems and resuming normal operations as swiftly as possible.
The SEC filing also indicated that the cybercriminals might have exfiltrated data from the compromised systems. Data I/O is currently assessing the extent of the data breach and, based on the findings, plans to notify affected individuals and regulatory authorities in compliance with applicable laws.
As of the filing date, the company could not provide a definitive timeline for the full restoration of its systems. However, it acknowledged that the costs associated with the incident—including fees for cybersecurity experts, advisors, and system restoration—are likely to have a material impact on its financial condition and operational results.
This incident underscores the growing threat of ransomware attacks targeting industrial and manufacturing sectors. According to cybersecurity firm Dragos, the manufacturing sector accounted for 65% of ransomware victims in the second quarter of 2025. Notable companies such as Inotiv, a pharmaceutical and biotech firm, and DaVita, a leading dialysis provider, have also reported ransomware attacks in recent months, highlighting the pervasive nature of this cyber threat.
Inotiv detected a ransomware attack on August 8, 2025, which led to the encryption of key systems and significant operational disruptions. The company engaged third-party cybersecurity specialists to investigate and recover from the incident. Similarly, DaVita disclosed a ransomware attack that affected approximately 2.7 million individuals, compromising sensitive patient information. Despite the breach, DaVita maintained uninterrupted critical care services across its nearly 3,000 outpatient clinics and home services.
These incidents highlight the critical importance of robust cybersecurity measures in protecting sensitive data and ensuring the continuity of operations. Organizations are advised to implement comprehensive security protocols, including regular system updates, employee training on phishing and other cyber threats, and the establishment of incident response plans to mitigate the impact of potential cyberattacks.
As Data I/O continues to address the aftermath of the ransomware attack, the company remains focused on restoring its operations and safeguarding its systems against future threats. The incident serves as a stark reminder of the evolving cyber threat landscape and the necessity for organizations to remain vigilant and proactive in their cybersecurity efforts.
