Estes freight shipping reports ransomware and data breach, exposes 21k individuals

Estes Express Lines, a major freight shipping company, experienced a ransomware attack in October 2023, impacting over 21,000 individuals. Estes, founded in 1931 and based in Richmond, Virginia, is the largest privately held less-than-truckload (LTL) firm in the United States, employing approximately 20,000 people and operating a sizable fleet of vehicles and terminals.

The LockBit ransomware gang claimed responsibility for the attack and reportedly leaked stolen data on a Tor-based site.

The attack, which occurred on September 26, 2023, and was discovered on October 1, 2023, involved unauthorized access to Estes’ network and data extraction from its systems. Forensic investigations concluded on November 7, but notifications to affected individuals began in December after law enforcement completed their investigation.

Compromised data included:

• names,
• Social Security numbers,
• other personal identifiers.

The attack apparently impacted around 21,000 individuals. No details are available about the nature of the attack.

Estes, which did not pay the ransom, has undertaken measures to lock out the threat actor, conducted a forensic investigation, and strengthened its IT systems. Despite not disclosing specific restoration efforts, Estes has fully restored its system capabilities. Estes is offering free identity monitoring services for a year to those affected.