Watch Now


Estes Express confirms cyberattack 

LTL carrier says systems are still being impacted

Estes Express confirmed Tuesday that the LTL carrier has been the target of a cyberattack. (Photo: FreightWaves/Jim Allen)

Estes Express on Tuesday confirmed that it has been the target of a cyberattack.

The Richmond, Virginia-based LTL carrier did not share details about the attack or what areas of the company have been impacted. In a statement posted Tuesday morning on X, formerly known as Twitter, the company said, “… our terminals and drivers are effectively picking up and delivering freight while we work through this event. We’re working as quickly as possible to resolve this issue and return to business as usual.”

On Monday, Estes posted a notice on X announcing that it suffered an outage that impacted its IT infrastructure but did not specify the cause.

Phone calls made by FreightWaves to the main Richmond headquarters were answered with a recorded message that the call “could not be completed as dialed.” Phone calls made to two Estes depots returned the same message.


Multiple attempts from different individuals at FreightWaves to access the company’s website resulted in a message that the site could not be reached.

According to a Tuesday morning email sent out by the Deutsche Bank transportation research team led by Amit Mehrotra, privately owned Estes’ annual revenue is roughly $4 billion and it is the fifth-largest LTL carrier. 

“Depending on the length of the outage, this is a notable disruption to an already disrupted LTL market, and could have implications for other LTL carriers as they disclose October volumes numbers later this month. It’s too early to tell what impact this may have,” Deutsche Bank wrote in its note.

At approximately 10:15 a.m. Tuesday, there was no obvious reaction to the Estes news in the stock price of other LTL carriers. Old Dominion (NASDAQ: ODFL) and ArcBest (NASDAQ: ARCB) were down slightly, while Saia (NASDAQ: SAIA) was up a little more than 1%. Forward Air (NASDAQ: FWRD), which had its own significant cyberattack in 2020, was mostly unchanged.


8 Comments

  1. Jack Bauer

    Yep of course the attack took place on the weekend when there wasn’t many people around the general office. A trucking company I used to work for was attacked and held from Ransom that only system that stayed up and running was of course the good old IBM Mainframe it kept on trucking.

  2. Cynthia Fukuda

    God bless the Estes family! Hoping for a quick recovery as I am too an Estes employee. It’s just terrible and far too often events like this can take down a company, but, not for long! We will be back and better yet, come back stronger!

  3. These Comments

    Sus, ODFL. Very sus.

    Also, people complaining that no one is calling, the systems are literally down and there is no way to look up shipments and information at the terminals or on the website. If your shipper or 3PL failed to put your phone number on the BOL, how do you expect anyone to call you? Freight is delivering and being picked up, it’s just not going to happen in timeframes most people want to hear right now because they are having to use the old school way in a digital age. Companies are doing the best they can with what they have and doing it with a lot of patience.

    Perhaps pray for some Grace and then extend it to others.

  4. Darren Kelley

    Be nice if you contacted the customer waiting delivery so they can schedule their day. I’m shipping a piece of equipment to my son from Northern Tool and they don’t seem to know what is happening. I have a tracking number and need to know when the truck is due. Northern tool gave me a number (804) 353 – 1900 amazing you cannot get through !

Comments are closed.