Watch Now


Forward Air brings in the cops as system outage continues

Photo: Jim Allen/FreightWaves

(An article about the subsequent return of Forward Air’s systems can be found here.)

An updated statement from Forward Air about the collapse of its technology systems adds three key words that all but confirm the company is a victim of a cyberattack.

The statement, released by the ground and air carrier company Friday, said it had “notified law enforcement” about the “security incident.” A statement released Wednesday did not mention law enforcement. The rest of the statement released Friday was otherwise identical to the statement from earlier in the week.

The apparent cyberattack on Forward Air has been so extensive that its website is down. A Forward Air customer told FreightWaves that his customer service representative that Forward Air employees were told to shut down their computers to help slow the attack.


While Forward Air has not used terms like “ransomware” or “cyberattack” in its statements, outside experts on those issues said the Forward Air incident had all the hallmarks of such an occurrence. David Jarmon, a vice president at cybersecurity firm Gray Analytics and former Department of Defense official, told FreightWaves this week that based on the small amount of information Forward Air had released, it was likely that it was “targeted in a cyberattack, likely involving malware infecting its systems, which brings ransomware into consideration.” 

The shutdown of much of Forward Air’s operations has had no discernible effect on the company’s stock price. Shares in Forward Air were up four consecutive days this past week, with a Friday gain of 0.86% to $78.20. That’s only 75 cents less than the company’s 52-week high. 

Beyond the reference to law enforcement, the Forward Air statement repeated several key points: It “detected” the incident on Tuesday; third-party experts were brought in; and the technology team at Forward Air is “working diligently to restore the affected systems and services and bring them back online as soon as possible.”


More articles by John Kingston

Forward Air acquired another final-mile provider

Forward expands LTL into California’s Inland Empire

Forward Air beats estimates in quarter, raises dividend

8 Comments

  1. Matt

    I am begging you guys to take spelling and grammar more seriously. I haven’t been able to get through a single article without running into ridiculous errors that are so obvious its like you’re doing it on purpose. And this is a daily thing so its not just one person. Have we reached a day in age where everybody writes and reads like an elementary school child?

  2. John Miller

    Couldn’t happen to a better company. The culture they sell is not the culture inside their locations. If you desire no work life balance this is your place. As a customer I’d be very concerned how my freight was truly handled behind the scene. Claims…Woof. They will never be legit in the real world LTL market.

    1. Angela

      So sad that there are people who attack a company in this manner. I find ForwardAir to be a great company with great people. The only time you hear negatives about a company is when you find that there are employees who never appreciate a good job and the company who gave them a job. As for not having time for a social life etc start at the beginning. It’s called a job. It feeds you and your family. Work comes first and all other second. What you do with your time when your not working is up to you. That’s called family time.

  3. John

    Good luck prosecuting because you already know the hackers are likely from either China, Russia or some third world country and if it wasn’t state sponsored they flat out won’t prosecute the perpetrators or simply don’t have the resources. As cheap as computers are now, a large enterprise like this should just have extra desktop stations packed up somewhere ready to go and when this happens, just throw out the ones effected. Back up the data regularly and back up the backups on a seperate computer that’s not comnected to jack squat crap. I would say try wiping the systems and doing a full OS reinstall but I know the hackers can hide the virus in ROM chips, BIOS chips and everything else. So there’s no way to get rid of it.

  4. OldManOTR

    Good old Karma ,Gotta love it. I worked for them as a Owner Operator, they failed to return my 2500$ after I returned there cameras and Qualcomm unit. I reached out to them countless times about my money. Owell, they finally getting what they deserve for cheating drivers out there money.

    1. Jennifer Cabangis

      Lol, that’s what my boss said, more or less, “Well, everyone hates them, so I am not surprised.” They had this happen to them back in 2016. They managed to expand their company since then but didn’t update their IT infrastructure.

Comments are closed.

John Kingston

John has an almost 40-year career covering commodities, most of the time at S&P Global Platts. He created the Dated Brent benchmark, now the world’s most important crude oil marker. He was Director of Oil, Director of News, the editor in chief of Platts Oilgram News and the “talking head” for Platts on numerous media outlets, including CNBC, Fox Business and Canada’s BNN. He covered metals before joining Platts and then spent a year running Platts’ metals business as well. He was awarded the International Association of Energy Economics Award for Excellence in Written Journalism in 2015. In 2010, he won two Corporate Achievement Awards from McGraw-Hill, an extremely rare accomplishment, one for steering coverage of the BP Deepwater Horizon disaster and the other for the launch of a public affairs television show, Platts Energy Week.