Cyber Incident Victim: Radiant Logistics
Date:
Dec 2021
Location:
United States of America
Summary
Radiant Logistics experienced a cybersecurity incident involving unauthorized access to its network, leading to the removal of files containing sensitive consumer data. The company detected unusual network activity, secured its systems, and engaged external cybersecurity experts to investigate, confirming the breach and initiating consumer notifications. While specific compromised data types were not publicly disclosed, state reporting guidelines suggest potential exposure of Social Security numbers, financial account information, or government-issued identification documents. The incident may be linked to a previously reported ransomware attack where threat actors typically encrypt data and demand payment, though no evidence confirmed leaked data appeared on dark web platforms.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On December 6, 2021, Radiant Logistics, Inc. detected unusual activity within its computer network. The company responded by securing its servers and engaging an external cybersecurity firm to investigate the incident. The investigation confirmed that an unauthorized party had accessed the network and removed certain files containing sensitive consumer data. While Radiant Logistics did not publicly disclose the specific data types compromised, its September 1, 2022 breach notification to the Montana Attorney General indicated potential exposure of Social Security numbers, financial account information, driver's license numbers, or state identification numbers, as Montana law requires reporting only for breaches involving these categories. The company completed a review of affected files to identify impacted consumers and mailed data breach notification letters to affected individuals on September 1, 2022. Radiant Logistics had previously filed a December 2021 notice with the U.S. Securities and Exchange Commission regarding a ransomware incident discovered on December 8, 2021, though the company did not explicitly confirm whether this was the same event reported to Montana authorities.
The incident investigation revealed that unauthorized actors accessed files containing consumer information, though no evidence confirmed whether exfiltrated data appeared on the dark web. Radiant Logistics operates as a publicly traded freight and logistics provider with over 650 employees and approximately $1 billion in annual revenue, serving clients across multiple industries including healthcare, government, and retail. The company's regulatory filings and breach notifications did not specify technical details about the attack vector or containment measures beyond initial server security enhancements. Potential consequences for affected individuals included risks of identity theft and fraud due to possible exposure of sensitive personal information. Radiant Logistics undertook standard post-breach procedures including forensic investigation, regulatory notifications, and consumer outreach, though the scope of impacted systems and exact data exfiltration timeline remained undisclosed in available public records.