The Qilin ransomware gang on Monday claims to have hacked the Shipping Association of New York & New Jersey (SANYNJ), a major maritime industry group responsible for cargo movements at one of North America’s busiest ports.

The notorious ransomware group posted the maritime membership organization on its dark leak site Monday morning.

Although Qilin provided few details in the victim entry, the Russian-speaking cybercriminal cartel posted a link claiming to have already “publicated” whatever data it allegedly stole from the massive organization.

The link to view that alleged data was broken at the time of this report, so it's unknown how much information the group actually has in its possession or what specific categories it may fall under.

Fallout could be far-reaching

SANYNJ represents the terminal operators, ocean carriers, stevedores, and marine-related businesses that operate ships, move cargo, and train and employ longshore workers in the Port of New York and New Jersey, its website states.

Supply chain experts say a major cyberattack on the maritime sector could create severe backups, impacting cargo tracking and logistics and leading to shortages of essential goods.

Attackers gaining unauthorized access to sensitive cargo data could alter shipment information, sabotage critical infrastructure such as cranes and gates, and even track the movements of sensitive military shipments, they say.

Cybernews has reached out to the organization and will update the story with more information if and when we get a response.

Warnings from the Department of Homeland Security about threats to the maritime industry have increased in recent years.

The fallout from such an attack could be significant, as the global shipping supply chain is already strained by Iranian shipping restrictions in the Strait of Hormuz.

In April, the US Cybersecurity and Infrastructure Security Agency (CISA) issued a security alert warning of Russian state-sponsored actors targeting Western logistics entities, attempting to track shipments heading to Ukraine.

China’s own state-sponsored hackers, Volt Typhoon, have been found lurking in the computer networks at US ports, water utilities, airports, and other targets since 2024.

As for ransomware operators, “Because the maritime industry operates on rigid schedules, cybercriminals know that port operators face immense pressure to pay multi-million-dollar ransoms simply to avoid catastrophic operational downtime,” said the New Jersey Cybersecurity and Communications Integration Cell (NJCCIC).

Major gateway for US cargo

Owned by the Port Authority of New York and New Jersey, the “largest container complex in the world” handles 80% of all foreign goods imported into the US, feeds about 40% of the nation, and transports them via its own railway systems that extend as far as the Midwest and Canada.

As the primary gateway for international trade, particularly with China, Germany, and Italy, the NY/NJ ports handle cargo ranging from electronics, furniture, apparel, and refrigerated food products to wood, heavy machinery, and infrastructure components.

In 2024, the NY/NJ port moved more than 8.7 million twenty-foot equivalent shipping containers (TEUs), along with 36.1 million tons of bulk cargo, 36,000 tons of breakbulk cargo, 410,000 vehicles, and more.

That same year, SANYNJ reported over $160 billion in business activity, generating nearly 580,000 jobs across the 31-county region.

The Association further represents tens of thousands of maritime workers, collectively bargaining for more than 200 affiliated unions under the International Longshoremen’s Association (ILA) and the Port Police and Guards Union.

The NY/NJ port also receives more than 300 cruise ships annually, transporting nearly 2.4 million passengers in 2024 alone.

According to its tax filings, the Association's total revenue exceeded $320 million in 2025.

---

Unlock more exclusive Cybernews content on YouTube.