Few people think of the logistics industry when they think about legal developments in the cybersecurity field. However, many of the biggest lawsuits have actually been in that area in recent years. Transportation companies have to process an enormous amount of data on an almost daily basis. That makes them a major target for those who want to collect customer details to sell to bad actors at a later date.
Most of the major lawsuits have been filed by shippers or carriers who feel wronged after a major data breach. These largely follow the same unfortunate pattern. As the following examples show, companies run into security problems, their partners feel harmed, and at least some parties turn to the court system for solutions.
Freight companies that do business internationally should invest in freight industry cybersecurity products and services and make sure that they are completely transparent with any such issues. That should help assuage the concerns of their shareholders while helping to reduce the risk of long-term financial damage.
Table of Contents
Cincinnati Data Breach Suit
In February 2020, the computer systems at a Cincinnati-based freight brokerage firm known as Total Quality Logistics got compromised. Information about customers as well as carriers got exposed after some bad actors took control of the firm’s web dashboard. The information included some of the tax identification and bank account numbers in use by individual clients. A few months later, one Wisconsin-based trucking company elected to sue the company. The suit could be for upwards of $5 million in total damages due to the sheer amount of data that got leaked.
Federal Express Disruption Suit
A long-term class action lawsuit stemming from events that stretch all the way back to 2016 continues to make headlines as it influences the way that courts think about freight industry-related cybersecurity issues. Shareholders filed suit against FedEx, since they claimed that the company wasn’t completely open with them when they were struck with the NotPetya ransomware attack. The complaint claimed that FedEx continued to give reassurances that didn’t accurately reflect just how much this piece of ransomware damaged the profitability of their operations in Europe.
Trucking Company Exposes Customer Data
Representatives from Estes Express Lines may have learned that bad actors gained access to at least part of their network in October 2023. More than 21,000 customers had their details exposed as a result of this attack. Since the company didn’t notify its clients of any issues for approximately two months, a class action suit was filed, which alleged that the firm should have been more forthcoming when it came to how much sensitive data was exposed in the process.
Minnesota Trucking Line Pays to Settle Data Breach Litigation
Bay & Bay Transportation Services, a trucking company based in the state of Minnesota, agreed to pay $230,000 in 2024 to settle the complaints of more than 6,700 former and current employees. They claimed that personal information was exposed back in 2021, and the freight carrier did little to implement basic security procedures. This allowed driver’s license numbers and even direct-deposit information to leak into the hands of bad actors.
Perhaps the one bit of good news is that freight industry representatives can protect themselves and their clients by employing good cybersecurity practices. Doing so could potentially limit culpability in a case while cutting the risk of a major cyberattack at the same time.
