Freight shipping giant Estes Express Lines has started informing more than 21,000 individuals that their personal information was stolen in a recent ransomware attack.
The incident was identified on October 1, 2023, and the investigation into the matter determined that the attackers gained access to the company's network on September 26, 2023.
While residing in the network, the attackers accessed and extracted data from some of Estes' systems, and deployed ransomware.
Estes says that a forensic investigation into the incident was concluded on November 7, but notification letters started being sent to the affected individuals only in December, after law enforcement concluded their own investigation into the incident.
The personal information that was compromised in the attack, Estes told the Maine Attorney General's Office, included names, other personal identifiers, and Social Security numbers.
The company also underlined that it did not pay a ransom, but did not share specific details on its remediation and restoration efforts.
While Estes did not name the ransomware that it fell victim to, the LockBit ransomware gang claimed responsibility for the attack in early November.
On November 13, the group published the data allegedly stolen from Estes on its Tor-based leak site.
Estes is offering the affected individuals free identity monitoring services for 12 months.
This Cyber News was published on packetstormsecurity.com. Publication date: Thu, 04 Jan 2024 13:43:05 +0000