Empire Express Hit by DragonForce Ransomware Attack, Exposing Sensitive Data of 5,438 Individuals
Empire Express Inc., a Memphis-based trucking and logistics company, suffered a ransomware attack in April 2026, resulting in the exposure of sensitive personal data. The breach was discovered on April 13, 2026, when the cybercriminal group DragonForce claimed to have stolen 94 GB of company data, threatening to publish it on the dark web.
The compromised information includes driver’s licenses, Social Security numbers, and names of affected individuals. Empire Express reported the incident to the Maine and Massachusetts attorneys general on May 5, 2026, confirming that 5,438 U.S. individuals were impacted. Affected parties were notified in writing the same day.
Empire Express, founded in 1985, operates across the U.S., Mexico, and Canada, employing between 175 and 227 people. The company’s headquarters is located in Memphis, Tennessee.
Legal firm Shamis & Gentile P.A. is investigating the breach, indicating that affected individuals may be eligible for compensation. The attack underscores the growing threat of ransomware in the logistics sector.
Source: https://www.claimdepot.com/investigations/empire-express-data-breach-2026
Empire Express Inc. TPRM report: https://www.rankiteo.com/company/empire-express-trucking
"id": "emp1778085131",
"linkid": "empire-express-trucking",
"type": "Ransomware",
"date": "5/2026",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '5,438 individuals',
'industry': 'Trucking and Logistics',
'location': 'Memphis, Tennessee, U.S.',
'name': 'Empire Express Inc.',
'size': '175-227 employees',
'type': 'Company'}],
'customer_advisories': 'Written notifications sent to affected individuals on '
'May 5, 2026',
'data_breach': {'data_exfiltration': 'Yes',
'number_of_records_exposed': '5,438',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Driver’s licenses',
'Social Security numbers',
'Names']},
'date_detected': '2026-04-13',
'date_publicly_disclosed': '2026-05-05',
'description': 'Empire Express Inc., a Memphis-based trucking and logistics '
'company, suffered a ransomware attack in April 2026, '
'resulting in the exposure of sensitive personal data. The '
'breach was discovered on April 13, 2026, when the '
'cybercriminal group DragonForce claimed to have stolen 94 GB '
'of company data, threatening to publish it on the dark web. '
'The compromised information includes driver’s licenses, '
'Social Security numbers, and names of affected individuals. '
'Empire Express reported the incident to the Maine and '
'Massachusetts attorneys general on May 5, 2026, confirming '
'that 5,438 U.S. individuals were impacted. Affected parties '
'were notified in writing the same day.',
'impact': {'data_compromised': '94 GB of company data',
'identity_theft_risk': 'High'},
'investigation_status': 'Ongoing',
'ransomware': {'data_exfiltration': 'Yes', 'ransomware_strain': 'DragonForce'},
'references': [{'source': 'Incident disclosure'}],
'regulatory_compliance': {'legal_actions': 'Investigation by Shamis & Gentile '
'P.A.',
'regulatory_notifications': ['Maine Attorney '
'General',
'Massachusetts '
'Attorney General']},
'response': {'communication_strategy': 'Written notifications to affected '
'individuals',
'third_party_assistance': 'Shamis & Gentile P.A. (legal '
'investigation)'},
'threat_actor': 'DragonForce',
'title': 'Empire Express Hit by DragonForce Ransomware Attack, Exposing '
'Sensitive Data of 5,438 Individuals',
'type': 'Ransomware'}