Empire Express says 2025 data breach impacted more than 5,000 customers

Tennessee-based trucking company Empire Express said malicious actors stole the personal data of close to 5,500 customers during a network security incident that spanned four months in 2025.

 

The trucking company, which provides freight transportation services across 48 US states as well as in Mexico and Canada through a fleet of more than 500 trailers, announced in a notification to regulators this week that malicious actors accessed its network between June 27 and October 23, 2025 and exfiltrated the personal information of thousands of customers.

 

Empire Express said the unauthorised access was eventually detected and neutralised on October 23. Soon after detecting the incident, the company launched an investigation with help from external cyber security experts to determine the nature and scope of the cyber attack.

 

The company’s extensive forensic investigation and document review completed on April 13 this year, and confirmed that malicious actors, who had gained long-term access to the company’s network in 2025, had accessed certain files that contained customers’ personal information.

 

"To date, we do not have evidence that your information has been used to commit financial fraud or identity theft. Nevertheless, out of an abundance of caution, we want to make you aware of the incident and provide you access to complimentary identity monitoring services through Kroll," Empire Express said in a letter addressed to affected customers.

 

Founded in 1985, Empire Express operates out of its corporate headquarters in Memphis, Tennessee. The company primarily transports packaged chemicals or related products and also hauls products such as clothing and apparel, air cargo, home and office products, packaging and containers, paper products, retail goods, electronics, cotton and general commodities over long distances.

 

In its data breach notification with the Office of the Attorney General of Maine, the transportation company said the data breach incident impacted a total of 5,428 customers. The company is providing complimentary credit monitoring services to those whose Social Security numbers were compromised during the incident.

 

The company said in a data breach notice posted on its website that the compromised information included customers’ full names, Social Security numbers, dates of birth, dates of death, driver’s license numbers or government identification card numbers, health insurance information, medical information, taxpayer information, payment card information, and financial account information. 

 

"We encourage impacted individuals to take actions to help protect their personal information, including placing a fraud alert and/or security freeze on their credit files, and/or obtaining a free credit report," the company said.

 

"Additionally, individuals should always remain vigilant in reviewing their financial account statements, explanation of benefits statements, and credit reports for fraudulent or irregular activity on a regular basis and report any suspicious activity to the proper authorities."