The October 2023 cyberattack against Estes Express Lines was in fact ransomware, but the company has not paid any ransom so far.
The company confirmed the news in an email recently sent to affected customers, The Register reports.
According to the email, sent to approximately 21,000 people, the threat actors accessed the company’s IT infrastructure on October 1, 2023 and managed to deploy ransomware. “Consistent with the standard recommendation of the FBI and financial regulators, Estes did not pay the ransom,” the letter reads.
Completely restored
The company also filed a data breach notice with the Maine Attorney General, saying criminals stole names, Social Security numbers and “other personal identifiers.” The Register speculates that threat actors exfiltrated more than this due to “white text in the letters.”
Estes did not share additional details, including the identity of the attackers, how they managed to compromise the company’s endpoints (through malware or social engineering), what types of data they stole, whose data it was, or what the ransom demands were. However, the operators of the infamous LockBit ransomware claimed responsibility for the attack and said they leaked stolen company data.
Since the attack, Estes notified police and other law enforcement agencies and managed to “fully” restore its system capabilities. The FBI is currently investigating the matter, he said.
Estes states that it is “not aware of any identity theft, fraud, or financial loss resulting from this incident” and adds that it will provide affected customers with 12 months of free identity monitoring through Kroll.
Estes Express Lines is a privately held American freight transportation provider headquartered in Richmond, Virginia. Founded in 1931 by WW Estes, the company remains owned and operated by the Estes family. As the largest private less-than-truckload (LTL) company in the United States, the company has approximately 20,000 employees, more than 6,700 tractors and 30,000 trailers, and a network of more than 240 terminals.
