A cyber-assisted hijack wiped out a truckload of roughly 78,000 vapes headed for Austin, leaving a California manufacturer short more than $1 million and hunting for answers. Investigators say thieves tapped into a logistics firm’s systems to spot the delivery in advance, then slipped in fake paperwork that made the pickup look routine. The disappearing vape truck fits a growing pattern in which digital intrusions quietly set up very real, very expensive cargo thefts.
How investigators say the hijack unfolded
According to Bloomberg, hackers gained access to systems at Nolan Transport Group, using that visibility to scan scheduled loads. A shipment from California-based Fifty Bar that was supposed to go out on a Saturday was suddenly rescheduled after the regular driver stopped responding. Days later, a replacement driver rolled up with what appeared to be proper paperwork, collected the load and pulled away. The truck never reached its Austin destination. That mix of quiet digital reconnaissance and a believable stand‑in driver made the handoff look normal and has complicated efforts to trace the cargo.
Missing goods show up on gray markets
Gizmodo reports the shipment, roughly 78,000 devices worth about $1.4 million, has not been recovered, and the company says it has no solid leads. The outlet notes that an unknown seller in New York was spotted offering a nearly identical batch at a steep discount, suggesting the load may already be slipping through secondary channels instead of official distribution routes. Fifty Bar, which makes flavored vapes and e-cigarettes in California, says it is worried the stolen stock could flood unregulated markets and undercut legitimate retailers that play by the rules.
The cyber tricks behind the heists
Researchers at Proofpoint have documented recent campaigns that go straight after trucking carriers and freight brokers, often by planting remote monitoring and management tools that give criminals persistent access. In a November report, the firm identified at least three groups running operations like this and tracked roughly 20 such campaigns in a short period. Once inside, attackers use that access to reroute loads or impersonate legitimate carriers. Proofpoint says the actors are focused on quickly cashing in on high-value freight, typically by selling stolen goods online or moving them abroad.
Industry data shows a broader spike
The National Insurance Crime Bureau says cargo-theft losses jumped 27% in 2024 and are on track to climb another 22% in 2025, a trend the group links in part to digital weak spots in logistics systems. The NICB has urged companies to shore up common-use technologies and add more in-transit security, warning that the cost of stolen shipments tends to trickle down to consumers. In its guidance, the agency specifically called out “weaknesses in common-use business technologies” as an entry point criminals exploit to hijack or reroute loads, according to an NICB release.
What companies can do now
Analysts say anyone in the supply chain needs to treat carrier and broker platforms as part of their cybersecurity perimeter, not just back-office tools. That means enforcing multi-factor authentication, tightening email and vendor controls and searching for unauthorized remote-access software. Cybersecurity Dive has reported that attackers often lean on compromised load-board accounts and phishing emails that install legitimate-looking remote monitoring tools, which makes these intrusions frustratingly hard to spot. For smaller manufacturers, one hijacked shipment in the middle of the holiday rush can be the kind of loss a business does not recover from.
For Fifty Bar and similar outfits, immediate steps include filing police and insurance reports and combing through any exposed vendor or carrier accounts that might have been used to flag high-value loads. Proofpoint’s guidance also urges companies to scan their environments for unauthorized remote monitoring tools and to tighten incident response coordination with carriers and brokers, cutting down the window thieves have to move stolen freight. Until investigators can point to arrests or recoveries, shippers of high-value consumer goods are being told to assume that a quiet bit of digital access can set up a very loud real-world theft.
So far, no arrests or cargo recoveries tied to the missing vape truck have been made public, and the fate of the inventory remains a mystery as investigators and industry observers try to decide whether this was a one-off hit or a piece of a larger operation. With fourth-quarter shipping volumes running high, experts say keeping a closer eye on both the digital back door and the loading dock will be crucial to stopping the next big heist.
