Estes Forwarding Worldwide Hit by Cyberattack, Business Operations Unaffected

June 27, 2025

Image Source: Richmond

Estes Forwarding Worldwide (EFW), the logistics and freight forwarding arm of Estes Express Lines, reported a cyberattack on May 28. The incident was swiftly contained and did not result in significant operational disruption, according to the company.

 đźšš Estes Forwarding Worldwide 🇺🇸 has confirmed it was hit by a cyber attack on May 28, 2025, after #ransomware gang Qilin claimed an attack on the transportation company this week.

Estes Express Lines was previously hit by LockBit in Oct '23.

Read more: https://t.co/MIcuOqPtgz pic.twitter.com/8R7ZUvKtuQ— Comparitech (@Comparitech) June 26, 2025 

EFW, based in Richmond, Virginia, is a critical player in the freight forwarding space and a subsidiary of Estes Express Lines, the largest private LTL carrier in North America.

“We want to assure you there was no significant disruption to our business,” said EFW CEO Scott Fisher in a customer communication obtained by FreightWaves. “Thanks to our robust cybersecurity protocols, system redundancies, and the swift response of our IT team and third-party security experts, we were fully operational within hours.”

Fisher added that Estes LTL and Estes Logistics were not affected by the cyber event and emphasized that protecting customer and employee data remains a top priority.

EFW’s Response and Containment Strategy

EFW attributed its quick recovery to its layered cybersecurity defenses and established response protocols. In addition to deploying its internal IT team, the company engaged third-party cybersecurity experts to investigate the incident and assist in containment.

  • Customers and employees were promptly notified.

  • Systems were restored within hours of the attack.

  • EFW is currently conducting a full investigation and plans to strengthen its security posture.

“We are grateful for the support of our parent company Estes Express Lines throughout this incident,” Fisher added.

Second Cyber Event in Two Years

In October 2023, Estes Express Lines suffered a significant IT infrastructure outage later confirmed to be the result of a cyberattack. The disruption temporarily shut down digital systems, including online tracking, leading to confusion among customers and a surge in inquiries across social media platforms.

Despite the system challenges, terminal and delivery operations continued, and the company worked very hard to restore full service. That event occurred shortly after Estes had made a major strategic move—securing a $1.3 billion bid for Yellow’s terminals amid that carrier’s bankruptcy proceedings.

Recent cybersecurity incidents have also impacted other logistics organizations, including United Natural Foods Inc. which was attacked earlier in June 2025.

Source: FreightWaves

Sign up for FreightCaviar

The only newsletter you need for freight broker news & entertainment.

No spam. Unsubscribe anytime.

Reply

or to participate.