Cyber Incident Victim: Rand McNally
Date:
Nov 2020
Location:
United States of America
Summary
A transportation technology company experienced a cyberattack disrupting its network operations, prompting an immediate investigation involving forensic specialists and the temporary shutdown of affected systems. The incident caused significant service outages, including the unavailability of its main website and fleet management platform, which later resumed with limited functionality. Critical fleet telematics services were disabled, requiring drivers to switch to manual logging methods for compliance. While navigation features on consumer GPS devices remained operational, the attack impacted hosted systems and caused shipping delays for online orders. The organization stated there was no evidence of customer data compromise but could not estimate full recovery timelines during initial response efforts.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
Rand McNally, a Chicago-based transportation technology company established in 1856, experienced a cyberattack disrupting its network operations around November 24, 2020. The company detected the incident on November 24 and initiated an immediate investigation, engaging computer forensic specialists to assess the event's nature and scope. As part of containment measures, Rand McNally took affected systems offline, including its main corporate website and dedicated fleet management portal, both of which became inaccessible starting Tuesday morning. The disruption specifically impacted hosted systems and network infrastructure supporting critical services like the DriverConnect Electronic Logging Device (ELD) platform, forcing commercial fleets to revert to paper-based logging compliance per Federal Motor Carrier Safety Administration regulations. While navigation functions on consumer GPS devices remained operational, the company confirmed significant shipping delays for online store orders and advised customers to use chat support for Fleet products and electronics troubleshooting during the outage.
Initial notifications via Facebook and customer emails on November 24 clarified that no evidence indicated compromise of customer data. Recovery efforts focused on restoring network functionality across enterprise systems, though Rand McNally declined to provide a specific timeline for full restoration as of November 26. Limited website functionality resumed by Wednesday, November 25, while the DriverConnect ELD platform remained inoperable, requiring continued manual logging by drivers. The company maintained communication through support channels and public statements but had not disclosed technical details regarding the attack vector or perpetrator by the time of media inquiries. Operational impacts persisted across hosted services, telematics platforms, and order fulfillment systems, with restoration priorities centered on critical fleet management infrastructure.