Estes Express Lines, a major private freight shipping company in the United States, has notified over 20,000 customers about a security breach where their personal information was stolen by unknown hackers.
The company revealed that on October 1, 2023, unauthorized individuals gained access to a part of their IT network and deployed ransomware.
Despite the standard advice from the FBI and financial regulators, Estes chose not to pay the ransom demanded by the attackers.
A group known as Lockbit claimed responsibility for the breach a month later and disclosed that they leaked data taken from the company on November 13.
On New Year's Eve, Estes filed a data breach notice with the Maine Attorney General, providing further insights into the digital intrusion, now confirmed to be a ransomware attack.
According to Estes, they are collaborating with the FBI in the investigation.
While the forensic analysis confirmed that personal information was stolen, the specifics of the accessed data were not explicitly mentioned in the sample notification letter.
The Maine filing indicated that it involved names or other personal identifiers combined with Social Security numbers, suggesting a broader scope of compromised information.
Estes has not provided immediate responses to inquiries regarding details about the breach, such as the stolen data specifics, the initial network access point for the hackers, the ransom amount demanded, and the rationale behind the decision to refrain from paying the ransom.
This decision has sparked a contentious debate encompassing practical considerations like effective backups and financial implications, along with broader ethical concerns such as potential support for criminal activities like human trafficking, terrorism, or future cybercrimes through ransom payments.
Both paying and not paying ransoms have proven to be financially burdensome for affected entities.
Caesars Entertainment allegedly paid $15 million to a ransomware group to decrypt their data and prevent customer information leakage after a September breach, while MGM Resorts, despite not paying the ransom in a similar attack, suffered losses surpassing $100 million.
While the US government advises against ransom payments, some voices advocate for a complete ban on such extortion payments.
Despite the breach, Estes has stated that they are not currently aware of any instances of identity theft, fraud, or financial losses stemming from the incident.
They plan to offer affected individuals 12 months of free identity monitoring services through Kroll.
This Cyber News was published on www.cysecurity.news. Publication date: Sat, 06 Jan 2024 16:13:06 +0000