lockbit2 attacks Morrison Express Corporation

Incident Date:

May 20, 2022

World map



lockbit2 attacks Morrison Express Corporation


Morrison Express Corporation




Queens, USA


First Reported

May 20, 2022

Morrison Express Corporation Suffers Ransomware Attack by Lockbit2 Group

Morrison Express Corporation, a global freight forwarding and logistics service provider, has been targeted by the ransomware group Lockbit2. The attack was announced on the group's dark web leak site, and the victim's website is Morrison Express operates in the Transportation sector and is known for its expertise in addressing the unique needs of various vertical sectors, including Hi-Tech, Automotive, Consumer & Retail, Healthcare & Life Sciences, Chemical, Industrial, and Energy.

The company's services are designed to provide comprehensive solutions on a global scale with an extensive network, addressing the specific requirements of different industries. In the Hi-Tech sector, Morrison Express excels in facilitating the seamless flow of goods throughout the high-tech value chain, from moving capital equipment and raw material wafers for chip fabrication to shipping components and finished products globally.

The Lockbit2 ransomware attack on Morrison Express Corporation is part of a growing trend of data theft, encryption, and public shaming tactics used by cybercriminals to extort considerable ransoms from victims. The consequences of such attacks can be severe and long-lasting, with financial implications, reputational damage, and legal costs.

Morrison Express Corporation has not released a public statement regarding the ransomware attack. However, the company's website does not indicate any disruption in services or operations, suggesting that the attack may not have significantly impacted their operations.

To mitigate the risks of ransomware attacks, organizations should follow best practices such as conducting regular vulnerability scanning, maintaining offline, encrypted backups of data, and regularly patching and updating software and operating systems.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.