Overview
- The Port Authority of Vigo, which detected the intrusion at 5:45 a.m. Tuesday, isolated its servers and took the website and internet-facing services offline.
- President Carlos Botana said the attack sought a cash ransom, no talks were held, and the hackers failed to encrypt all internal data.
- Cargo handling and ship operations continued with manual workarounds, including paper records at the Border Inspection Post, and staff reported only the loss of cloud files open during the incident.
- There is no estimated date to restore digital services, and a forensic specialist is tracing the entry point as part of an active investigation.
- Ransomware locks data to force payment, a tactic that can strain port logistics if systems stay offline, which is why officials are prioritizing full verification before reconnecting.