Hackers steal $1.7 million worth of condoms and lubricants headed to Walmart after hijacking a trucking shipment from one of the biggest companies in sexual wellness – all by using a cybercriminal playbook turned supply-chain nightmare.
The “sophisticated and complex” scheme involved phishing emails, fake brokers, compromised third-party carriers, and rerouted deliveries – exactly the kind of cyber-enabled cargo theft the FBI recently warned is surging across North America.
-
A Walmart-bound shipment of condoms and lubricants vanished after scammers turned a routine freight pickup into a cyber-enabled supply chain heist.
-
The scammers compromised a legitimate trucking carrier, hired real drivers, and redirected the shipment to a Bronx warehouse without raising immediate red flags.
-
The FBI warns cyber-enabled cargo theft is rapidly growing as cybercriminals blend hacking, social engineering, and real-world supply chain fraud across North America
The stolen shipment belongs to Global Protection Corp. – whose ONE Flex condoms happened to be named the top latex condom by The New York Times last year – and contained roughly 103,000 units of said condoms and Move lubricant, with a retail value of approximately $1.7 million.
The heist also coincides with a public service announcement released by the FBI’s Internet Crime Complaint Center (IC3) in April warning about the dramatic 60% increase in cyber-enabled cargo theft since 2024, with a record $725 million in losses last year alone.
The FBI describes cybercriminals tricking unsuspecting shippers, brokers, and carriers across the US and Canada into handing over their cargo – and as Global Protection found out the hard way – rerouting the shipments before they reach their intended destination.
What initially sounded almost absurd – a cyber-enabled condom heist – turned into an elaborate and polished operation ending with FBI agents tracking the still- missing shipments through the controversial Flock camera systems.
“This is definitely unprecedented in how we’re dealing with it,” Ryan Findling, Director of Operations at Global Protection Corp., told Cybernews.
A subsidiary of Karex, the world’s largest condom manufacturer, Global Protection also produces MYONE, its own line of 52 custom-sized condoms – yes, you read that right – along with colored, flavored, and even glow-in-the-dark condoms among its vast catalog of products.
The sexual health advocates further distribute name-brand condoms, including Lifestyles and Trojan, for retail and wholesale, as well as prophylactics and education materials to public health organizations, governments, and non-profits worldwide.
Hackers hijack shipment headed to Walmart
According to Findling, the condom shipment was originally scheduled to travel from the company’s headquarters in Lynn, Massachusetts, to a Walmart distribution center in Pennsylvania.
Global Protection routinely works with a trusted freight broker to book shipments. The broker, as per usual, posted the cargo to a “DAT freight board,” an online marketplace where trucking companies bid on loads.
The FBI says the scammers will typically compromise one trucking company to win the shipment, then pose as a fake broker to hire real truck drivers to pick up the cargo and reroute it to their own destination.
To hack the carrier in this case, the attackers used a fake email that appeared to be a routine freight confirmation request.
“It was a phishing email,” Findling said. “Usually another broker is saying, ‘Hey, to get started in our system, fill out this link.’ When you click the link, you’re downloading some sort of Trojan that can take over your computer.”
Once the attackers gained access to the carrier’s email accounts and internal systems, they were able to impersonate the trucking company using stolen login credentials and real shipping records.
Findling said the compromised carrier account passed all of Global Protection's standard safety and verification checks, making everything seem completely legitimate.
Those checks included matching email addresses against federal trucking databases and reviewing safety records associated with the carrier’s MC number – a federally registered trucking identifier.
Because the emails, carrier records, and verification details all appeared authentic, the shipment passed inspection. “We tried our best, but they’re just getting more sophisticated,” Findling said.
Phishing attack opened the door
This is where it gets interesting. The scammers not only used the compromised carrier account to secure the shipment – they simultaneously posed as a fake freight broker to hire real truck drivers to unknowingly move the stolen cargo for them.
“To make it not be a grand heist you’d see in a movie, they act as a broker and hire a legitimate company to come pick it up with the correct information,” Findling said.
At one point, Findling says that when the drivers arrived at Global Protection’s warehouse, several details initially raised concern.
The trucks themselves did not match the company originally listed on the shipment paperwork – a potential red flag in the freight industry.
But because the drivers knew the correct destination and had the correct shipment reference numbers and legitimate documentation, the condom shipment was ultimately released.
Truck drivers unknowingly moved the stolen cargo
According to Findling, the most sophisticated part of the operation happened after the trucks had already left the warehouse.
The shipment paperwork initially listed the cargo’s destination as Hazleton, Pennsylvania. But once the trucks were already en route, the drivers received phone calls telling them the "blind shipment" needed to be rerouted to the Bronx, New York.
Because the requests appeared to come from legitimate brokers using correct shipment information, the drivers complied. “Not a huge red flag for them, but now we know what to look for,” Findling said.
One driver later told the company the warehouse appeared entirely above board. "They offloaded with forklifts. They had a comprehensive warehouse. They passed all of my checks, even paying the driver his $1,500 fee," Findling said.
Findling said Global Protection only realized something was wrong after the Walmart delivery never showed up.
That's when the FBI was called in and investigators were able to retrace the shipment’s route directly back to the hacker controlled warehouse in the Bronx – and all by using license plate readers and Flock camera systems.
“We have pictures from the Flock cameras. I never thought I’d be getting Flock photos from an FBI agent,” he said.
Condom shortage raises stakes
“At a condom company, you never really know what a day could look like,” said Milla Impola, Director of Communications & Community Marketing at Global Protection Corp.
“When I heard about a condom and lubricant cargo theft, I imagined something movie-style – not necessarily cyber-enabled. Interesting to learn about, but also a real challenge for businesses like ours.”
What makes the condom theft even more impactful for Global Protection is that the entire condom-making industry is facing a potential shortage due to the Iran war and supply chain disruptions in the Middle East.
“There are two main reasons,” Impola explains. “First, condoms are a valuable item; there has been a lot in the press recently about a potential condom shortage and possible cost increases.”
This comes down not just to supply chain issues caused by shipping restrictions imposed by the Iranian regime, but also to the lack of petroleum used to make lubricants, including those found on non-latex condoms.
“Petrochemicals through the Strait of Hormuz. We have faced consistent supply chain challenges, but nothing to this degree,” said Findling.
Impola said the second reason is that this shipment of condom packs and lubricant bottles was going to Walmart. “It included two of our most popular items, which just got full distribution in Walmart stores.”
The ONE Flex condoms are also the first-ever to be made with graphene, a material the company says is 200x stronger than steel and 1 million times thinner than human hair – while generating 85% more body heat between partners. Who knew?
Stolen condoms likely to resurface online
Findling said FBI agents told him stolen goods, like the ONE condoms, are often moved quickly through warehouses, stripped of branding and other identifying information, and then redistributed for resale.
The stolen products often wind up being resold through third-party marketplace sellers, such as "eBay, Amazon, and Walmart.com," Findling said, noting that the company is now monitoring these e-commerce sites for suspicious listings and stolen lot numbers.
Impola also warned consumers to be cautious when buying items, especially medical-grade products such as condoms, from unknown sellers, as these stolen products may not be stored properly or maintained at appropriate temperatures.
“Always look at who the seller is. It’s not to say all third-party sellers aren’t reputable. It’s just to be careful and mindful as you’re shopping,” Impola said, adding that because of the quality risks, any recovered shipments of condom and lubricants would be destroyed.
As for protecting against these types of threats in the future, Findling says Global Protection now has additional measures in place to screen for truckload shipments, including direct phone verification with brokers and carriers before cargo leaves the warehouse.
“Anytime we have full truckload shipments, whether it takes longer or not, we’re going to go the extra step.” Findling said.
Has your password leaked?
Unlock more exclusive Cybernews content on YouTube.
Your email address will not be published. Required fields are markedmarked