Security Chevin pulls the handbrake on FleetWave software after security scare UK and US customers stuck waiting after fleet management SaaS vendor took affected environments offline Carly Page Thu 9 Apr 2026 // 15:20 UTC A cybersecurity incident has knocked FleetWave into a "major outage" across the UK and US after Chevin Fleet Solutions pulled parts of its SaaS platform offline and left customers scrambling for answers. The disruption, flagged on Chevin's public status page , aligns with an email sent to customers and seen by The Register in which the company confirms it took FleetWave environments hosted in Azure in both regions offline as a precaution. Chevin, which first confirmed disruption on April 3, says that it's working "around the clock with external cybersecurity specialists," carrying out artifact analysis and threat hunting across its systems while implementing additional security controls. FleetWave, for those not steeped in transport tech, is a platform used by organizations to manage vehicles, drivers, maintenance, compliance, and logistics operations. When it goes down, it's not just dashboards that disappear, but the systems that underpin day-to-day fleet operations. Chevin's message leans heavily on process and reassurance, but offers little in the way of detail. There's no explanation of how the incident occurred, whether attackers gained access to customer data, or what kind of activity triggered the shutdown. The company says only that it is working to "ensure the environment is confirmed as secure before restoration," and expects to provide an update on timing by April 10. Customers are dealing with a declared major outage in two regions, yet have not been told what underlying risk prompted the shutdown. That uncertainty is compounded by the fact that not all environments appear to have been taken down. According to a customer affected by the shutdown, EU and Australian infrastructure remains online, with at least one instance in each affected region. Zephyr Energy loses £700K in cyber hit that rerouted contractor payment Dutch healthcare software vendor goes dark after ransomware attack Hundreds of orgs compromised daily in Microsoft device code phishing attacks US cybercrime losses pass $20B for first time as AI boosts online fraud Derbyshire-based Chevin appears to be walking a line between containment and continuity, keeping some services running while it works out how far the problem spreads. There's also the possibility that the attack was targeted at a specific customer or subset of tenants, with wider disruption a byproduct of containment efforts. Fleet management platforms tend to sit on a mix of operational and commercial data, making them attractive targets where compromising a single organization can have an outsized impact. Chevin is saying little publicly beyond confirming the outage and ongoing investigation, and didn't respond to The Register's questions. The Register also reached out to a number of Chevin's customers – including Shropshire Fire and Cox Enterprises – but did not receive immediate responses. With systems offline, customers in the UK and US are left waiting not just for service to return, but for answers on whether they were directly affected. ® Share More about Saas Security Software More like these × More about Saas Security Software Narrower topics 2FA AdBlock Plus Advanced persistent threat App Application Delivery Controller Audacity Authentication BEC Black Hat BSides Bug Bounty Center for Internet Security CHERI CISO Common Vulnerability Scoring System Confluence Cybercrime Cybersecurity Cybersecurity and Infrastructure Security Agency Cybersecurity Information Sharing Act Database Data Breach Data Protection Data Theft DDoS DEF CON Digital certificate Encryption End Point Protection Exploit Firewall FOSDEM FOSS Google Project Zero Grab Graphics Interchange Format Hacker Hacking Hacktivism IDE Identity Theft Image compression Incident response Infosec Infrastructure Security Jenkins Kenna Security Legacy Technology LibreOffice Map Microsoft 365 Microsoft Office Microsoft Teams Mobile Device Management NCSAM NCSC OpenOffice Palo Alto Networks Password Personally Identifiable Information Phishing Programming Language QR code Quantum key distribution Ransomware Remote Access Trojan Retro computing REvil RSA Conference Search Engine Software Bill of Materials Software bug Software License Spamming Spyware Surveillance Text Editor TLS Trojan Trusted Platform Module User interface Visual Studio Visual Studio Code Vulnerability Wannacry WebAssembly Web Browser WordPress Zero trust More about Share POST A COMMENT More about Saas Security Software More like these × More about Saas Security Software Narrower topics 2FA AdBlock Plus Advanced persistent threat App Application Delivery Controller Audacity Authentication BEC Black Hat BSides Bug Bounty Center for Internet Security CHERI CISO Common Vulnerability Scoring System Confluence Cybercrime Cybersecurity Cybersecurity and Infrastructure Security Agency Cybersecurity Information Sharing Act Database Data Breach Data Protection Data Theft DDoS DEF CON Digital certificate Encryption End Point Protection Exploit Firewall FOSDEM FOSS Google Project Zero Grab Graphics Interchange Format Hacker Hacking Hacktivism IDE Identity Theft Image compression Incident response Infosec Infrastructure Security Jenkins Kenna Security Legacy Technology LibreOffice Map Microsoft 365 Microsoft Office Microsoft Teams Mobile Device Management NCSAM NCSC OpenOffice Palo Alto Networks Password Personally Identifiable Information Phishing Programming Language QR code Quantum key distribution Ransomware Remote Access Trojan Retro computing REvil RSA Conference Search Engine Software Bill of Materials Software bug Software License Spamming Spyware Surveillance Text Editor TLS Trojan Trusted Platform Module User interface Visual Studio Visual Studio Code Vulnerability Wannacry WebAssembly Web Browser WordPress Zero trust TIP US OFF Send us news