UNITED STATES SECURITIES AND EXCHANGE COMMISSION |
|
FORM |
CURRENT REPORT |
Pursuant to Section 13 or 15(d) of the Securities Exchange Act of 1934 |
|
Date of Report (Date of earliest event reported): |
(Exact name of registrant as specified in its charter) |
|
| |||
(State or other jurisdiction of incorporation) |
| (Commission File Number) |
| (IRS Employer Identification No.) |
(Address of principal executive offices, including zip code) |
|
( |
(Registrant’s telephone number, including area code) |
|
Not Applicable |
(Former name or former address, if changed since last report) |
Check the appropriate box below if the Form 8-K filing is intended to simultaneously satisfy the filing obligation of the registrant under any of the following provisions:
Written communications pursuant to Rule 425 under the Securities Act (17 CFR 230.425) | |
|
|
Soliciting material pursuant to Rule 14a-12 under the Exchange Act (17 CFR 240.14a-12) | |
|
|
Pre-commencement communications pursuant to Rule 14d-2(b) under the Exchange Act (17 CFR 240.14d-2(b)) | |
|
|
Pre-commencement communications pursuant to Rule 13e-4(c) under the Exchange Act (17 CFR 240.13e-4(c)) |
Indicate by check mark whether the registrant is an emerging growth company as defined in Rule 405 of the Securities Act of 1933 (§230.405 of this chapter) or Rule 12b-2 of the Securities Exchange Act of 1934 (§240.12b-2 of this chapter).
Emerging growth company
If an emerging growth company, indicate by check mark if the registrant has elected not to use the extended transition period for complying with any new or revised financial accounting standards provided pursuant to Section 13(a) of the Exchange Act ☐
Items reported in this filing:
Item 1.05 Material Cybersecurity Incidents
Item 7.01 Regulation FD Disclosure
Item 9.01 Financial Statements and Exhibits
|
Item 1.05 Material Cybersecurity Incidents.
As previously disclosed on August 21, 2025 in a Current Report on Form 8-K filed with the Securities and Exchange Commission (“SEC”), on August 16, 2025, Data I/O Corporation (the “Company”) experienced a ransomware incident (the “Incident”) on certain of its internal IT systems. Through ongoing discovery and investigation efforts, the Company has determined that the Incident was not targeted but originated as a vulnerability of a commercially available third-party firewall service provider. The Company engaged leading cybersecurity experts to support the IT system recovery and conduct a comprehensive investigation. Through dealing with this Incident, the Company has improved and strengthened its IT systems and based on the findings, the Company does not believe any additional actions are necessary.
As of the date of this filing, the Company has restored the affected systems and the Incident has been completely contained and remediated. The Incident temporarily impacted the Company’s operations, including internal/external communications, shipping, receiving, manufacturing production, and various other support functions, which are fully operational as of the date of this filing. As of the date of this filing, it does not appear that any revenue has been lost as a result of the Incident. As of September 9, 2025, the estimated costs related to the Incident for remediation, restoration and investigation efforts are expected to total approximately $388,000 in expenses in the third quarter ending September 30, 2025 and will likely have a material impact on the Company’s results of operations and financial condition.
Safe Harbor/Forward Looking Statement and Disclosure Information
This Current Report on Form 8-K contains forward-looking statements made pursuant to the safe harbor provisions of the Private Securities Litigation Reform Act of 1995, such as the Company’s expectations or beliefs regarding future events, actions or performance related to the Incident, including the results of the Company’s investigation of the Incident, the impact of the Incident on the Company and its financial condition and results of operations. Forward-looking statements typically are identified by use of terms such as “anticipate,” “believe,” “expect,” “project,” “may,” “will,” “should,” “could,” “likely” and similar words. Except as required by law, the Company undertakes no obligation to publicly update or revise any forward-looking statements, whether as a result of new information, future events or otherwise. The Company’s actual results could differ materially from those contained in forward-looking statements due to a number of factors, including the impact of the Incident, the results from the Company’s investigation of the Incident, and other risks and factors described by the statements under “Risk Factors” in the Company’s most recent Annual Report on Form 10-K and in its subsequent filings with the United States Securities and Exchange Commission.
| 2 |
Item 7.01 Regulation FD Disclosure.
On September 4, 2025, the Company issued a press release entitled “Data I/O Issues Update on Cybersecurity Incident”, attached hereto as Exhibit 99.0.
The information contained in the press release attached hereto is being furnished and shall not be deemed filed for purposes of Section 18 of the Securities Exchange Act of 1934, as amended (the “Exchange Act”), or otherwise subject to the liability of that section, and shall not be incorporated by reference into any registration statement or other document filed under the Securities Act of 1933, as amended, or the Exchange Act, except as shall be expressly set forth by specific reference in such filing.
Item 9.01 Financial Statements and Exhibits.
(d) Exhibits
Exhibit No. |
| Description |
| Press Release: Data I/O Issues Update on Cybersecurity Incident |
| 3 |
SIGNATURE
Pursuant to the requirements of the Securities Exchange Act of 1934, the registrant has duly caused this report to be signed on its behalf by the undersigned hereunto duly authorized.
| Data I/O Corporation |
| |
|
|
|
|
September 10, 2025 | By: | /s/ Charles DiBona |
|
|
| Charles DiBona Chief Financial Officer |
|
| 4 |