We all know quite a bit of information about this week’s data breach over at the mega-brokerage, Total Quality Logistics. This could be attributed to award-worthy reporting by Freight Broker Live, but in reality, the brokerage itself deserves much of the praise – after taking steps to remain transparent and honest, while attempting to stay ahead of the fallout from the data breach.
We were the first media-outlet to report the data breach which was discovered late Sunday, February 23rd 2020. Earlier in the week, an observant member of the accounting department at the brokerage noticed a change with a carrier’s bank account, and attempted to verify the change with the carrier. Upon learning that the carrier did not make this change, the department forwarded a ticket to the IT department who uncovered the breach.
Some do not understand the differences between a hacking, randsom-ware attack, phishing, malware, and data breach, so we will do our best to school you. Hacking is the first step in all of these, as hacking is the effort to gain access to a system either through phishing or bruteforce. Once in the system, you have a data breach. A data breach is an incident in which information is accessed without authorization. What happens to that information after it is accessed determines what further classification it is.
How they got into TQL’s system is still debated. Was it through a phishing attempt, where a hacker attempts to get access to a system by sending fraudulent emails in hopes that someone will click a link, or reset a password or provide information which the hacker can use to access the system? Initial reports into Freight Broker Live seem to align with this. What they chose to do when they were in the system is interesting.
According to TQL, they suffered a breach which compromised their online portals for both carriers and customers. According to sources close to TQL, the hole(s) in the system were discovered within a matter of hours after discovering the initial breach. Following notification and publication laws for the State of Ohio, TQL quickly set together a plan of attack to handle the fallout of the breach. TQL created online “hotline” pages for both carriers and customers who were affected by the breach, set up dedicated teams internally to handle incoming calls and sent notification to all customers and carriers via the email addresses on file.
The folks at TQL did a great job handling the breach in the opinion of Freight Broker Live… so far. They identified the problem, hired professionals to eradicate the problem, handled the notification of the breach to those affected, and brought in law enforcement to find and punish the bonehead(s) behind the breach. We still have questions on what will happen going forward, and we will probably find out sooner or later, maybe. What we do not know what the hackers are looking to do with the information they accessed, outside of the handful of cases where they committed ACH theft (reportedly changing the banking information of carriers to a fraudulent account, in which TQL later remitted payment for invoices owed).
As we know, there have been several hacking related incidents in the past year affecting trucking and logistics related companies. The most recent was Truckstop.com, who suffered a ransom-ware attack last year resulting in the complete shutdown of all its products and services for several days. The drivers who rely on Truckstop’s load boards….well, completely freaked out as they could not utilize the load board to find freight (why a driver would rely solely on one board is still mind-boggling to us, but that is for another day). Truckstop.com eventually revived their system and is back operational.
The truth regarding these types of incidents is that no matter the time, money, and resources a company spends to try and secure data, there is someone hiding in the shadows working harder to find a way to find a way in. As the logistics industry continues to move towards technology and automation, it is something we all must take seriously as there will always be someone out there looking to exploit any vulnerability they can find. Why? Because people suck.
If you find that your system was breached, follow the example set by TQL, whether you like them or not. In our eyes, they did an excellent job in getting the news out to those affected. If TQL’s CEO treats the search for those responsible with the same ruthless (to some) approach he used to build the largest private freight-brokerage in the country, those responsible for the breach are likely praying they will never be found.
If you have additional questions and are a carrier with TQL you can visit their portal by clicking here.
If you are a customer and have questions you can visit the customer hotline portal by clicking here.