There were 767 recorded supply chain crime events across the U.S. and Canada in the first quarter of 2026, which marks a 5.3% decrease from Q1 2025 and a 12.2% decrease from Q1 2024, according to the latest Verisk CargoNet analysis. Despite a smaller number of incidents, estimated losses nearly matched those in Q1 2025 at $131.58 million. Confirmed cargo thefts also rose by 41 incidents in Q1 2026 to 596 of the 767 total events.
Verisk reports that most states in the top eight for cargo theft saw a reduction in events year-over-year, with the exception of California and New Jersey.
Incidents in California increased from 255 to 277, and New Jersey saw a 119% increase in thefts, from 27 to 59. Verisk attributes the troubles in California and New Jersey to both states being primary operating environments for organized crime networks, as they offer dense logistics infrastructure and are close to major consumer markets.
Thefts of personal care and beauty products saw the largest jump in Q1 2026, increasing 178% year-over-year. Food and beverages remained the favorite target for thieves to start the year with 144 incidents in Q1, but targets within that sector shifted as beverage theft declined, while seafood targeting saw a sharp increase.
The theft of goods that are bulkier, less standardized or more difficult to resale at scale like building materials, apparel and vehicle-related items declined year-over-year.
"The overall drop in incident volume is encouraging, but the underlying data tells a more complex story," Keith Lewis, vice president of operations at Verisk CargoNet, said in the report. "We're watching transnational organized crime groups become the dominant force in the cargo theft landscape, with a clear preference for goods that move easily through online resale channels. The geography is following the criminals."
While anti-fraud systems are being deployed to fight these thefts, criminal networks are bypassing these tools by impersonating legitimate motor carriers and logistics brokers using two primary methods: credential harvesting and the outright acquisition of motor carrier businesses.
In credential harvesting, advanced phishing campaigns and remote access trojans are used to compromise business emails, internet-based phone systems and other industry applications. Once acquired, these credentials let bad actors operate as the legitimate carrier, which allows them to accept tenders, communicate with brokers and redirect loads as they wish.
Verisk CargoNet also reports that criminal networks are purchasing legitimate carriers through social media, peer-to-peer marketplaces and specialized brokerage services, with these sales remaining largely unregulated. Motor carrier owners who sell an operating authority to a criminal network, regardless of whether they're aware of the situation, can face civil and criminal liability.
"The anti‑fraud tools the industry has deployed are working, they're forcing criminals to invest more in elaborate schemes," Lewis said. "But the shift toward credential theft and carrier impersonation means the industry needs to think beyond tender‑phase controls. We need robust identity verification throughout the lifecycle of a shipment, from booking to delivery."
(Photo credit: Kalyakan/Adobe Stock)
© Arc, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to TMSalesOperations@arc-network.com. For more information visit Asset & Logo Licensing.