Cyber Incident Victim: Estes Forwarding Worldwide

On May 28, 2025, Estes Forwarding Worldwide (EFW), a Richmond, Virginia-based logistics and freight forwarding subsidiary of Estes Express Lines, experienced a cyberattack. The company confirmed the incident to FreightWaves on the same day, notifying employees and customers promptly. CEO Scott Fisher communicated via email that the event caused no significant business disruption, attributing this outcome to existing cybersecurity protocols, system redundancies, and rapid intervention by EFW’s internal IT team alongside third-party security experts. Operations were restored fully within hours of the attack’s detection. Fisher emphasized that neither Estes Express Lines’ less-than-truckload division (Estes LTL) nor its logistics arm (Estes Logistics) suffered any operational impact, confirming the incident’s containment to EFW’s systems. The parent company, Estes Express Lines, provided support throughout the response but was not directly compromised.

EFW initiated an investigation into the attack and committed to enhancing its security measures, though specific technical details about the attack vector, data exposure, or threat actor remained undisclosed. This incident followed a prior cyberattack against parent company Estes Express Lines in October 2023, which had caused an IT infrastructure outage. The 2025 event occurred amid broader cybersecurity challenges affecting logistics firms, including United Natural Foods Inc. and Blue Yonder, though EFW’s case showed no evidence of data exfiltration or prolonged service interruptions. The company reiterated its focus on protecting stakeholder information and maintaining operational trust while continuing to assess the incident’s scope. No further updates were available at the time of reporting.