Cyber Incident Victim: Canpar Express

On August 18, 2020, Canadian delivery company Canpar Express experienced a ransomware attack that disrupted its operations and systems. The attack compromised some of the company's infrastructure, rendering its primary website inaccessible except for a single notification page informing customers of the incident. This outage prevented clients from tracking packages, scheduling deliveries, or arranging pickups through the digital platform. Customers rapidly reported delivery delays and operational disruptions via social media, with one business client stating they were forced to hold orders company-wide due to an inability to ship products. The company acknowledged the ransomware attack publicly through its website notice but did not disclose specifics regarding the attackers, ransom demands, or initial intrusion methods.

Canpar Express initiated an immediate investigation upon detecting the incident and engaged external cybersecurity experts to assist with containment and remediation. The company implemented measures to isolate affected systems while maintaining most shipping operations, though service interruptions persisted. A Canpar employee confirmed the organization was working urgently to resolve the issue but declined to provide additional details regarding delivery timelines, staffing impacts, or data compromise risks when contacted by media. The public statement emphasized no evidence of client information misuse had been found but advised customers to remain vigilant. Recovery efforts focused on restoring systems, addressing service backlogs, and implementing safeguards against future attacks, though the timeline for full resolution remained unspecified as of the initial reporting period.