Cyber Incident Victim: Estes Express Lines
Date:
Oct 2023
Location:
United States of America
Summary
Estes Express Lines experienced a cyberattack disrupting its IT infrastructure and causing system outages, though core operations were restored following enhanced security measures. The incident impacted communications channels, including telephone lines and EDI systems, which were later reactivated, while freight movement continued uninterrupted throughout the event. The company acknowledged its employees' efforts in maintaining service continuity and expressed gratitude for customer patience during recovery efforts.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
Estes Express Lines experienced a cyberattack early in the week of October 1, 2023, which disrupted its core IT infrastructure and impacted multiple operational systems. The Richmond, Virginia-based freight carrier publicly confirmed the incident on October 1 through a website statement, characterizing it as a cyberattack following initial reports of an infrastructure outage. Immediate effects included widespread system inaccessibility, with customers unable to reach the company via telephone during the initial attack period as calls failed to connect. Core operational capabilities were impaired, affecting functions such as electronic data interchange (EDI) communications, freight billing, pickup scheduling, and shipment tracking. Despite these disruptions, the company maintained freight movement throughout its network, with terminals and drivers continuing pickups and deliveries using alternative processes. Estes mobilized a 24/7 response team to implement additional security measures and initiate system restoration while safeguarding employee livelihoods and customer service continuity.
By October 8, 2023, Estes had restored telephone lines to local terminals and reactivated online chat functionality accessible through its website. The company reinstated EDI communications, enabling processing of customer 204 pickup requests and 211 bills of lading, with 214 tracking notifications and 210 invoicing functionality returning as freight bill updates resumed. Core operations systems came back online to manage freight billing, PRO updates, manifest creation, and equipment management. Estes directed customers to terminal-specific phone numbers, the chat feature, or contact forms for pickup scheduling and shipment tracking while the main website remained partially functional. The carrier acknowledged the efforts of its 22,000 employees in maintaining operations during the outage and thanked customers for their patience, specifically noting appreciation for customer offers of assistance while emphasizing the importance of allowing normal freight operations to continue. No data compromise or theft specifics were disclosed, with system restoration work ongoing beyond October 8 under continued security monitoring.