Freight giant Estes confirms data breach, but says it won’t pay ransom

More than 20,000 Estes customers notified of the incident

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

The October 2023 cyberattack against Estes Express Lines was indeedransomware, but the company has paid no ransom demand as yet.

The company confirmed the news in an email recently sent to affected customers,The Registerreports.

As per the email, sent to roughly 21,000 people, threat actors accessed the company’s IT infrastructure on October 1, 2023, and managed to deploy ransomware. “In accordance with the standard recommendation of the FBI and financial regulators, Estes did not pay the ransom,” the letter reads.

Fully restored

Fully restored

The company also filed a data breach notification with the Maine Attorney General, in which it says that criminals stole names, Social Security Numbers, and “other personal identifiers”. The Register speculates that threat actors exfiltrated more than this due to “blank text in the letters”.

Estes did not share additional details, including the identity of the attackers, how they managed to compromise the company endpoints (viamalwareor social engineering), what types of data they stole, whose data that was, or what the ransom demands were. However, operators of the infamous LockBit ransomware have claimed responsibility for the attack, and said they leaked data stolen from the company.

Since the attack, Estes notified the police and other law enforcement agencies and managed to “completely” restore its system capabilities. The FBI is currently investigating the matter, it said.

Estes states that it’s “not aware of any identity theft, fraud, or financial losses resulting from this incident,” and adds that it will give affected customers 12 months of free identity monitoring via Kroll.

Are you a pro? Subscribe to our newsletter

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Estes Express Lines is a privately owned American freight transportation provider based in Richmond, Virginia. Founded in 1931 by W. W. Estes, the firm continues to be owned and operated by the Estes family. As the largest privately held less-than-truckload (LTL) firm in the United States, the company boasts roughly 20,000 employees, more than 6,700 tractors and 30,000 trailers, and a network of over 240 terminals.

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

This new phishing strategy utilizes GitHub comments to distribute malware

Should your VPN always be on?

VIPRE Security Group says its new endpoint protection tools can stamp out even the latest cybersecurity threats