Watch Now

C.R. England: Customer information may have been compromised in October data breach

Truckload carrier says it determined impact of cyberattack just last month

Photo: Jim Allen/FreightWaves

Truckload carrier C.R. England notified customers this week that their personal information may have been compromised in a data breach that occurred last fall.

A C.R. England spokesman confirmed the letter said the company had been the victim of “unauthorized activity” in its systems on Oct. 30, 2021. 

“In response, we immediately began containment, mitigation and restoration efforts to terminate the activity and to secure our network, systems and data,” the letter said. “In addition, we retained independent cybersecurity experts to conduct a forensic investigation into the incident and assist us in determining what happened.”

The process was not quick and the C.R. England letter said it was not until April 20 that the company concluded the files affected by the data breach “contained some of your personal information.”

In a post on the legal website J.D. Supra, Richard Console, of the law firm of Console & Associates, said that the breach is believed to have affected roughly 224,500 individuals whose Social Security numbers may have been compromised.

In a statement released to FreightWaves, TJ England, the company’s chief legal officer, said it was the first such breach that C.R. England has experienced.

“C.R. England has notified potentially affected individuals and set up a call center to address any questions from those individuals,” he said. “C.R. England has no reason to believe that any information involved was or will be published, shared or otherwise misused.”

Following the breach and leading up to the April 20 conclusion about the impact of the cyberattack, the company “reviewed the affected files to identify the individuals whose personal information may have been impacted by this incident and the categories of information involved for each individual.”

C.R. England said it was offering its affected customers one or two years of complimentary identity theft protection from IDX, which it described as a “data breach and identity recovery services expert.” It also notified the FBI of the breach.

On its webpage, the Console law firm said it would seek to interview “victims of the breach to determine what damages they sustained and what legal claims may be available to them.”

More articles by John Kingston

Divergence in sentencing grows as 2 more Louisiana accident scammer are sentenced

Solicitor general advises Supreme Court not to review C.H. Robinson case

No weakness in trucking evident in BMO quarterly data

John Kingston

John has an almost 40-year career covering commodities, most of the time at S&P Global Platts. He created the Dated Brent benchmark, now the world’s most important crude oil marker. He was Director of Oil, Director of News, the editor in chief of Platts Oilgram News and the “talking head” for Platts on numerous media outlets, including CNBC, Fox Business and Canada’s BNN. He covered metals before joining Platts and then spent a year running Platts’ metals business as well. He was awarded the International Association of Energy Economics Award for Excellence in Written Journalism in 2015. In 2010, he won two Corporate Achievement Awards from McGraw-Hill, an extremely rare accomplishment, one for steering coverage of the BP Deepwater Horizon disaster and the other for the launch of a public affairs television show, Platts Energy Week.