The Lynx ransomware group claims to have breached Terport (TERPORT), the leading river container and general cargo terminal operator in the Paraguay-Paraná Waterway. Based in Paraguay, Terport manages high-traffic terminals including Terport-Villeta and Terport-San Antonio, providing critical logistics services such as RORO (Roll-on/Roll-off), container freight, and bonded warehousing. The incident was disclosed on December 21, 2025, with the group categorizing the data as encrypted and providing proof of the compromise.
According to the group, the compromised data is classified as confidential. The allegedly compromised data includes:
-
Internal company disclosures
-
Confidential operational files
-
Financial documents
-
Proof of encryption records












