article featured image


Expeditors is a Fortune 500 logistics company headquartered in Seattle, Washington, United States of America. Expeditors provide efficient and tailored supply chain solutions to customers through a worldwide network of over 350 facilities in over 100 countries and across six continents.

What Happened?

Expeditors International was targeted in a cyberattack forcing the corporation to shut down the majority of its global operations.

SEATTLE–(BUSINESS WIRE)– Expeditors International of Washington, Inc. (NASDAQ:EXPD) announced that on February 20, 2022, we determined that our company was the subject of a targeted cyber-attack. Upon discovering the incident, we shut down most of our operating systems globally to manage the safety of our overall global systems environment. The situation is evolving, and we are working with global cybersecurity experts to manage the situation. While our systems are shut down we will have limited ability to conduct operations, including but not limited to arranging for shipments of freight or managing customs and distribution activities for our customers’ shipments.

The security of our systems, minimizing the impacts on our customers, and providing our customers with timely and accurate information are our highest priorities. We are conducting a thorough investigation to ensure that our systems are restored both promptly and securely, and on a parallel track, evaluating ways with our carriers and service providers to mitigate the impact of this event on our customers. Since it is extremely early in the process, we cannot provide any specific projections on when we might be operational, but we will provide regular updates when we are able to do so confidently.

We are incurring expenses relating to the cyber-attack to investigate and remediate this matter and expect to continue to incur expenses of this nature in the future. Depending on the length of the shutdown of our operations, the impact of this cyber-attack could have a material adverse impact on our business, revenues, results of operations and reputation.

Further communications will be shared as we manage through this significant event.

Forward-Looking Statements

Certain statements contained in this Current Report on Form 8-K constitute “forward-looking statements” within the meaning of Section 27A of the Securities Act of 1933, as amended, and Section 21E of the Securities Exchange Act of 1934, as amended. These forward-looking statements are based on our current beliefs, understanding and expectations and may relate to, among other things, statements regarding our current beliefs and understanding regarding the cyber-attack and its impact on our operations. Forward-looking statements are based on currently available information and our current beliefs, expectations and understanding, which may change as our investigation and remediation efforts progress. These statements are subject to future events, risks and uncertainties. These risks and uncertainties include but are not limited to our ongoing investigation of the cyber-attack and the length of time that our global operations are not fully functional. Forward-looking statements speak only as of the date they are made, and while we intend to provide additional information regarding the cyber-attack, we do not undertake to update these statements other than as required by law and specifically disclaims any duty to do so.


As reported by BleepingComputer, the effect was substantial, since Expeditors’ operations, which comprise freight, customs, and distribution, were constrained.

The company is working with its carriers and service partners to find solutions that could minimize the effect on its clients, however, no date has been set for the resumption of operations.

A multinational team of cybersecurity professionals is probing the incident and assisting the organization in resuming normal operations.

Although Expeditors did not specify the nature of the problem, it is possible that they were affected by ransomware, since shutting down activities worldwide and restoring them from backups is a common response to network-wide encryption.

The business said that it will bear all costs associated with investigating and remediating the incident, which is likely to last an extended time.

How Can Heimdal™ Help?

Prevention is always the best approach when implementing a cybersecurity strategy for a business. That’s why a powerful suite of cybersecurity solutions is actually what you need. From Ransomware Encryption ProtectionEmail SecurityThreat Prevention that keeps DNS threats away, to Privileged Access Management to better control and monitor privileged access, and more, in order to create a unified cybersecurity strategy which is actually what Heimdal promotes and what will make you well-safeguarded in the long run.

If you liked this article, follow us on LinkedInTwitterFacebookYoutube, and Instagram for more cybersecurity news and topics.

Author Profile

Dora Tudor

Cyber Security Enthusiast

linkedin icon

Dora is a digital marketing specialist within Heimdal™ Security. She is a content creator at heart - always curious about technology and passionate about finding out everything there is to know about cybersecurity.

Leave a Reply

Your email address will not be published. Required fields are marked *

Protect your business by doing more with less

Book a Demo