January 3, 2024 at 04:35PM
Estes Express Lines, a major US freight shipper, notified over 20,000 customers of a potential data breach due to a ransomware attack. The company refused to pay the ransom and claims the cyberattack has been mitigated. The criminals stole personal information and Estes is cooperating with the FBI while offering affected individuals free identity monitoring for 12 months.
Key Takeaways from the Meeting Notes on Estes Express Lines Cyberattack:
1. On October 1, 2023, Estes Express Lines discovered that their IT network was accessed by an unauthorized threat actor who deployed ransomware, affecting more than 20,000 customers.
2. The company did not pay the demanded ransom in line with the FBI and financial regulators’ recommendations.
3. Estes President and COO Webb Estes announced on October 24th that the company had completely restored its systems capabilities after the cyberattack.
4. The ransomware crew Lockbit took responsibility for the intrusion and claimed to have published the stolen data on November 13.
5. Estes filed a data breach notification with the Maine Attorney General, indicating that personal information, including names or other personal identifiers in combination with Social Security numbers, was stolen by the criminals.
6. The company is cooperating with the FBI and stated that it will provide affected individuals with 12 months of free identity monitoring from Kroll.
7. Estes is not aware of any identity theft, fraud, or financial losses resulting from the incident.
Overall, the cyberattack on Estes Express Lines has raised hotly debated discussions regarding ransom payments, the impact on victim organizations, and the ethical considerations of paying ransom demands. The incident underscores the significant financial and reputational risks associated with cyberattacks and the importance of robust cybersecurity measures.