Forward Air Discloses Ransomware Data Breach Months After Incident

Freight shipping giant Forward Air Corp. finally admits to a ransomware data breach that hit the company back in December of 2020. Almost a year later, the trucking company disclosed that the attack exposed and compromised former employees’ information.

According to Freight Waves, Forward Air Corp. reportedly sent letters to different attorney general offices across four states, namely California, Montana, New Hampshire, and Vermont on September 24, 2021, in attempts to notify affected people about the incident.


Freight Waves notes that although the letters disclosed the incident and included more details about the compromised information, the freight shipping giant fails to acknowledge or refer to the ransomware attack which happened last December. However, the news site states that Forward Air mentioned that it first became aware of malicious activity on its systems by December 15, 2020.

Forward Air Discloses Ransomware Data Breach

Silicon Angle notes that the details provided by Forward Air to its letters dated September 24, 2021, were old news, saying that these were available in a filing with the United States Securities and Exchange Commission made by the freight shipping company on February 2021.


The incident made the trucking giant lose approximately $7.5 million from its revenue, mainly from the need to suspend its systems and data interfaces, thereby leading to a disruption in its business, reports Bleeping Computer.

Bleeping Computer revealed that the ransomware attack launched on Forward Air may be the work of a cybercrime gang known as Evil Corp. The group reportedly used ransomware called Hades to launch an attack on the freight company.

In the letter sent to employees, the company detailed that their personal information may have been exposed as a result of the incident. Among the compromised information including their names, addresses, dates of birth, passport numbers, Social Security numbers, driver’s license numbers, and their bank account numbers.


Following this, the letter written by the chief information officer of Forward Air Officer Jay Tomasello reads, “At this time, there is no indication that anyone’s information has been subject to actual or attempted misuse. Nevertheless, we are informing you because your information was stored on our systems.”

That said, Forward Air states that the company will be offering affected individuals one whole year of free credit monitoring service via myTrueIdentity, notes Bleeping Computer.

Despite admitting the incident, Freight Waves points out that as of writing, the trucking giant has still not disclosed the number of individuals affected by it. However, the letter said that the ransomware data breach impacts both former and current employees of the company.

No posts to display