Ransomware cyber

Estes Forwarding Worldwide

Jun 28, 2025 1 min read
Estes Forwarding Worldwide

Estes Forwarding Worldwide experienced a ransomware attack on May 28, 2025, by the Qilin ransomware gang. The attack compromised documents including passport scans, driver’s licenses, and spreadsheets. Although the company assured there was no significant disruption to their business and they were fully operational within hours, the data breach involved sensitive information, potentially affecting customers and employees. The exact number of notified victims and whether a ransom was paid remain unknown.

Source: https://www.comparitech.com/news/freight-forwarder-estes-notifies-data-breach-victims-ransomware-gang-takes-credit/

TPRM report: https://scoringcyber.rankiteo.com/company/estes-forwarding-worldwide

"id": "est626062825",
"linkid": "estes-forwarding-worldwide",
"type": "Ransomware",
"date": "6/2025",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Transportation',
                        'location': 'Richmond, Virginia',
                        'name': 'Estes Forwarding Worldwide',
                        'size': '1,000 employees',
                        'type': 'Freight company'}],
 'attack_vector': 'Phishing emails',
 'data_breach': {'data_exfiltration': 'Yes',
                 'file_types_exposed': ['Passport scans',
                                        "Driver's licenses",
                                        'Spreadsheets'],
                 'personally_identifiable_information': 'Yes',
                 'type_of_data_compromised': ['Passport scans',
                                              "Driver's licenses",
                                              'Spreadsheets']},
 'date_detected': '2025-05-28',
 'date_publicly_disclosed': '2025-06-23',
 'date_resolved': '2025-05-28',
 'description': 'Freight company Estes Forwarding Worldwide confirmed a cyber '
                'attack on May 28, 2025. Ransomware gang Qilin took credit for '
                'the attack and posted sample images of stolen documents, '
                'including passport scans and driver’s licenses.',
 'impact': {'data_compromised': ['Passport scans',
                                 "Driver's licenses",
                                 'Spreadsheets'],
            'operational_impact': 'No significant disruption'},
 'initial_access_broker': {'entry_point': 'Phishing emails'},
 'motivation': 'Financial gain',
 'ransomware': {'data_exfiltration': 'Yes', 'ransomware_strain': 'Qilin'},
 'references': [{'source': 'Comparitech'}],
 'response': {'communication_strategy': 'Email notification to customers, '
                                        'partners, and employees',
              'recovery_measures': 'Swift response of IT team and third-party '
                                   'security experts',
              'third_party_assistance': 'IT team and third-party security '
                                        'experts'},
 'threat_actor': 'Qilin',
 'title': 'Estes Forwarding Worldwide Ransomware Attack',
 'type': 'Ransomware'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.