• ITVI.USA
    15,530.580
    61.700
    0.4%
  • OTRI.USA
    24.320
    -0.110
    -0.5%
  • OTVI.USA
    15,484.110
    63.600
    0.4%
  • TLT.USA
    2.700
    -0.010
    -0.4%
  • TSTOPVRPM.ATLPHL
    2.500
    -0.050
    -2%
  • TSTOPVRPM.CHIATL
    3.080
    0.050
    1.7%
  • TSTOPVRPM.DALLAX
    1.370
    -0.080
    -5.5%
  • TSTOPVRPM.LAXDAL
    2.950
    0.040
    1.4%
  • TSTOPVRPM.PHLCHI
    1.690
    -0.010
    -0.6%
  • TSTOPVRPM.LAXSEA
    3.130
    0.110
    3.6%
  • WAIT.USA
    120.000
    0.000
    0%
  • ITVI.USA
    15,530.580
    61.700
    0.4%
  • OTRI.USA
    24.320
    -0.110
    -0.5%
  • OTVI.USA
    15,484.110
    63.600
    0.4%
  • TLT.USA
    2.700
    -0.010
    -0.4%
  • TSTOPVRPM.ATLPHL
    2.500
    -0.050
    -2%
  • TSTOPVRPM.CHIATL
    3.080
    0.050
    1.7%
  • TSTOPVRPM.DALLAX
    1.370
    -0.080
    -5.5%
  • TSTOPVRPM.LAXDAL
    2.950
    0.040
    1.4%
  • TSTOPVRPM.PHLCHI
    1.690
    -0.010
    -0.6%
  • TSTOPVRPM.LAXSEA
    3.130
    0.110
    3.6%
  • WAIT.USA
    120.000
    0.000
    0%
Driver issuesNewsTechnologyTrucking

Ransomware gang exposes truckers’ personal information after attack

Files from subsidiary E.W. Wylie posted to dark web

A ransomware gang has posted thousands of internal files after a cyberattack on U.S. trucking company Daseke Inc. (NASDAQ: DSKE), exposing the personal information of drivers, among other potentially sensitive data.

The files, uploaded by the Conti ransomware gang to the dark web, appear to have been stolen from Daseke carrier E.W. Wylie. They include numerous trip reports from truck drivers, and some contain significant amounts of personal information.

The data leak came less than a week after Daseke first acknowledged the cyberattack. Daseke, the largest flatbed carrier in the U.S., issued a statement to FreightWaves in response to questions about the release of internal documents:

“We are continuing to actively investigate this incident in partnership with outside cybersecurity experts and law enforcement. We have made the appropriate internal and external stakeholders aware of this.” 

Texas-based Daseke said it would not offer further information as the investigation into the attack continues. The company has a fleet of over 5,000 tractors across its carriers in the U.S. and Canada, with 500 at North Dakota-based E.W. Wylie. 

Ransomware gang targeted multiple companies in the supply chain before Daseke

Conti has targeted multiple companies serving the supply chain in recent months. On Saturday, it posted data stolen from Texas customs broker Daniel B. Hastings, including documentation for complex international shipments. 

Ransomware gangs like Conti generally leak stolen data after companies refuse to pay ransoms. The Daseke leak suggests the company rebuffed the gang’s efforts to extort it.

Conti posted over 6,000 files to the dark web at some point during the week. It came after the group posted files from another company, claiming it was from E.W. Wylie, raising doubts about the extent of the data breach. 

While not readily accessible to typical Internet users, the files contain potentially sensitive information about drivers, customers and other company operations. 

Ransomware attacks have proliferated during the COVID-19 pandemic — with supply chain companies getting hit with increasing frequency. The attacks themselves can bring serious disruptions to operations when the hackers effectively lock victims out of their systems. 

The attackers have increasingly incorporated the threat of public data release as part of their arsenal of extortion tools. Security experts say, however, that paying ransoms offers no real protection from having stolen data released or exploited.

Paying ransoms could break sanctions laws, federal agency says

Recent guidance from the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) urged victims not to pay ransomware attackers directly or through intermediaries. 

The Oct. 1 advisory noted that payments “encourage future ransomware payment demands” and risk violating U.S. sanctions laws depending on where the money ultimately goes. 

“Companies that facilitate ransomware payments to cyber actors on behalf of victims, including financial institutions, cyber insurance firms, and companies involved in digital forensics and incident response, not only encourage future ransomware payment demands but also may risk violating OFAC regulations,” the advisory states.

Click for more FreightWaves articles by Nate Tabak

Ransomware hackers claim attack on Texas customs broker

Daseke targeted in cyberattack as ransomware groups hit supply chain

Trucker held in US-Canada marijuana case asks court to let him go home

Tags

Nate Tabak, Border and North America Correspondent

Nate Tabak is a Toronto-based journalist who covers cross-border trucking, logistics and trade for FreightWaves. Before moving to Canada, he spent seven years reporting stories in the Balkans and Eastern Europe as a reporter, producer and editor based in Kosovo. He previously worked at newspapers in the San Francisco Bay Area, including the San Jose Mercury News. He graduated from UC Berkeley, where he studied the history of American policing. Contact Nate at ntabak@freightwaves.com.

One Comment

  1. UN Solder’s claiming to be refugees or on a work visa are Hustling trucker’s kidnapping them and claim to be government agent’s while blowing meth on trucker’s in the men’s room .then do a show biz acting crime at the fuel desk trying to hustle up someone to arrest for his quota or commission check.

Leave a Reply

Your email address will not be published. Required fields are marked *

Close