Cyber Incident Victim: Expeditors International of Washington, Inc.
Date:
Feb 2022
Location:
United States of America
Summary
Expeditors International of Washington, Inc. experienced a targeted cyber-attack that prompted the immediate shutdown of most global operating systems to safeguard its infrastructure, severely limiting operational capabilities including freight shipments and customs management. The company engaged cybersecurity experts to investigate and restore systems securely while exploring mitigation strategies with partners, acknowledging potential material adverse impacts on business operations, revenue, and reputation due to prolonged downtime. Ongoing remediation efforts and expenses were anticipated as the situation evolved, with commitments to provide further updates as developments warranted.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 6 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On February 20, 2022, Expeditors International of Washington, Inc. identified that it had been targeted in a cyber-attack, prompting an immediate global shutdown of most operating systems to safeguard its overall systems environment. The company initiated containment measures upon discovery, prioritizing system security and minimizing disruptions to customer operations. This shutdown severely limited Expeditors' ability to conduct core business functions, including freight shipment coordination and customs and distribution management for customer shipments globally. Expeditors engaged external global cybersecurity experts to assist in managing the evolving situation while maintaining transparency commitments to customers through planned updates. The company emphasized that restoring operations securely was contingent upon a thorough investigation, with no specific timeline provided due to the early stage of remediation efforts.
Expeditors launched parallel investigations to determine the attack's scope and implement secure system restoration protocols while evaluating mitigation strategies with carriers and service providers to reduce customer impact. The incident incurred immediate expenses for investigation and remediation, with expectations of continued costs that could materially affect business revenues, operational results, and corporate reputation depending on the duration of operational disruptions. Forward-looking statements in their disclosure highlighted uncertainties regarding the attack's full impact and restoration timeline, noting risks associated with prolonged system downtime. Expeditors committed to providing factual updates as the situation progressed but refrained from speculative projections, underscoring adherence to legal disclosure requirements without assuming obligations beyond mandated reporting. The company maintained communication channels through its executive leadership and investor relations team while focusing on system integrity and customer impact mitigation as primary objectives throughout the response.