Hapag-Lloyd AG
Company Details
Linkedin ID:
hapag-lloyd-ag
Website:
Employees number:
14,724
Number of followers:
852,554
NAICS:
483
Industry Type:
Homepage:
hapag-lloyd.com
IP Addresses:
0
Company ID:
HAP_3115888
Scan Status:
In-progress
Hapag-Lloyd AG Company CyberSecurity Posture
hapag-lloyd.com
About Hapag-Lloyd With a fleet of 313 modern container ships and a total transport capacity of 2.5 million TEU, Hapag-Lloyd is one of the world’s leading liner shipping companies. In the Liner Shipping segment, the Company has around 14,000 employees and 400 offices in 140 countries. Hapag-Lloyd has a container capacity of 3.7 million TEU – including one of the largest and most modern fleets of reefer containers. A total of 133 liner services worldwide ensure fast and reliable connections between more than 600 ports on all the continents. In the Terminal & Infrastructure segment, Hapag-Lloyd has equity stakes in 21 terminals in Europe, Latin America, the United States, India and North Africa. Around 3,000 employees are assigned to the Terminal & Infrastructure segment and provide complementary logistics services at selected locations in addition to the terminal activities. Disclaimer This press release contains forward-looking statements that involve a number of risks and uncertainties. Such statements are based on a number of assumptions, estimates, projections or plans that are inherently subject to significant risks, uncertainties and contingencies. Actual results can differ materially from those anticipated in the Company’s forward-looking statements.
Hapag-Lloyd AG A.I CyberSecurity Scoring
Hapag-Lloyd AG Risk Score (AI oriented)Between 750 and 799
Hapag-Lloyd AG
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Hapag-Lloyd AG Global Score (TPRM)XXXX
Hapag-Lloyd AG
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Hapag-Lloyd AG Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Hapag-Lloyd AG
Cyber Attack
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: In March 2022, Hapag-Lloyd, a global shipping and container transportation company headquartered in Hamburg, Germany, fell victim to a **spear-phishing attack**. Cybercriminals created a **malicious replica of the company’s official website** and distributed hyperlinks via email to unsuspecting users. When employees or customers clicked these links and entered their login credentials, the attackers **harvested their personal data**, including usernames, passwords, and potentially other sensitive information.The company’s IT security team detected the fraudulent website and immediately issued warnings to users, advising them to **avoid clicking email links** and instead manually type the website URL to prevent further data theft. While the attack primarily targeted **user credentials**, the compromise of personal data posed risks of **follow-on fraud, identity theft, or unauthorized access to corporate systems**. Hapag-Lloyd took mitigative steps to contain the incident, but the breach highlighted vulnerabilities in **user awareness and email-based threat vectors**.The attack did not result in large-scale financial losses, operational disruptions, or systemic damage to the company’s infrastructure. However, the **theft of personal data**—even if limited to login credentials—exposed customers and employees to potential downstream risks, including **phishing escalation or credential-stuffing attacks** on other platforms.
Hapag-Lloyd AG Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Hapag-Lloyd AG
Incidents vs Maritime Transportation Industry Average (This Year)
No incidents recorded for Hapag-Lloyd AG in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Hapag-Lloyd AG in 2025.
Incident Types Hapag-Lloyd AG vs Maritime Transportation Industry Avg (This Year)
No incidents recorded for Hapag-Lloyd AG in 2025.
Incident History — Hapag-Lloyd AG (X = Date, Y = Severity)
Hapag-Lloyd AG cyber incidents detection timeline including parent company and subsidiaries
Hapag-Lloyd AG Company Subsidiaries
About Hapag-Lloyd With a fleet of 313 modern container ships and a total transport capacity of 2.5 million TEU, Hapag-Lloyd is one of the world’s leading liner shipping companies. In the Liner Shipping segment, the Company has around 14,000 employees and 400 offices in 140 countries. Hapag-Lloyd has a container capacity of 3.7 million TEU – including one of the largest and most modern fleets of reefer containers. A total of 133 liner services worldwide ensure fast and reliable connections between more than 600 ports on all the continents. In the Terminal & Infrastructure segment, Hapag-Lloyd has equity stakes in 21 terminals in Europe, Latin America, the United States, India and North Africa. Around 3,000 employees are assigned to the Terminal & Infrastructure segment and provide complementary logistics services at selected locations in addition to the terminal activities. Disclaimer This press release contains forward-looking statements that involve a number of risks and uncertainties. Such statements are based on a number of assumptions, estimates, projections or plans that are inherently subject to significant risks, uncertainties and contingencies. Actual results can differ materially from those anticipated in the Company’s forward-looking statements.
Loading...
Hapag-Lloyd AG Similar Companies
Yacht Crew Register
Yacht Crew Register has been successfully recruiting professional captains and crew since 1995, and has developed a reputation for confidentiality. We are a private yacht crew agency serving yacht owners and select management companies. We guarantee complete confidentiality of all information entrus
Anglo-Eastern
Anglo-Eastern's rich maritime heritage spans over 50 years of ship management, crew management, cruise & leisure management and technical services. We manage a diverse fleet of vessels worldwide on behalf of our global partners, and uniquely offer both cadet and crew training through our highly rega
.png)
Hapag-Lloyd AG CyberSecurity News
December 09, 2025 02:00 PM
Finacity Facilitates the Renewal of USD 550 Million Global Freight Receivables Securitization for Germany-Headquartered Hapag-Lloyd AG (FWB: HLAG)
STAMFORD, Conn., Dec. 09, 2025 (GLOBE NEWSWIRE) -- Finacity Corporation (“Finacity”), a White Oak Global Advisors company, announces today...
November 13, 2025 08:00 AM
Hapag-Lloyd AG (HPGLY) Q3 2025 Earnings Call Highlights: Navigating Growth Amidst Cost Pressures
Despite strong volume growth and strategic investments, Hapag-Lloyd AG (HPGLY) faces challenges from softer freight rates and rising...
September 11, 2025 07:00 AM
Hapag-Lloyd and Shell sign multi-year liquefied biomethane deal
Hapag-Lloyd and Shell Western LNG B.V. (Shell) have signed a multi-year agreement for the supply of liquefied biomethane with the global...
May 15, 2025 07:00 AM
Hapag-Lloyd AG (HPGLY) Q1 2025 Earnings Call Highlights: Strong Start with Increased Revenue ...
Hapag-Lloyd AG (HPGLY) reports a robust first quarter with a 15% revenue increase and a 9% rise in transport volumes, despite challenges in...
March 21, 2025 07:00 AM
Hapag-Lloyd AG (HPGLY) Q4 2024 Earnings Call Highlights: Strong Revenue Growth Amid Operational ...
Hapag-Lloyd AG (HPGLY) reports a 6.6% revenue increase and robust cash flow, despite facing rising costs and market uncertainties.
August 28, 2024 07:00 AM
Navigating Cyber Security on Container Vessels and Terminals: A Comprehensive Overview
Cyber security is not just a digital concern but a crucial aspect of operational safety in the maritime industry. Understanding the cyber...
May 06, 2024 07:00 AM
Hapag-Lloyd commits to the security of their information
Hapag-Lloyd reaffirms its unwavering commitment to information security by adopting the TISAX framework. The move signals a proactive stance...
January 19, 2024 08:00 AM
ASIPONAs Invest in CIIT; Vallejo Receives Billion-Dollar Boost
ASIPONAs invested US$56.2 million in some terminals, while Mexico City's Vallejo expects a US$1.4 billion boost. This and more in your...
December 08, 2023 08:00 AM
The Shipping Industry in the Age of Digitalization
Shipping goes digital and becomes more innovative. Learn all about new tools and possibilities offered by digitalization in our article.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Hapag-Lloyd AG CyberSecurity History Information
Official Website of Hapag-Lloyd AG
The official website of Hapag-Lloyd AG is https://www.hapag-lloyd.com.
Hapag-Lloyd AG’s AI-Generated Cybersecurity Score
According to Rankiteo, Hapag-Lloyd AG’s AI-generated cybersecurity score is 797, reflecting their Fair security posture.
How many security badges does Hapag-Lloyd AG’ have ?
According to Rankiteo, Hapag-Lloyd AG currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Hapag-Lloyd AG have SOC 2 Type 1 certification ?
According to Rankiteo, Hapag-Lloyd AG is not certified under SOC 2 Type 1.
Does Hapag-Lloyd AG have SOC 2 Type 2 certification ?
According to Rankiteo, Hapag-Lloyd AG does not hold a SOC 2 Type 2 certification.
Does Hapag-Lloyd AG comply with GDPR ?
According to Rankiteo, Hapag-Lloyd AG is not listed as GDPR compliant.
Does Hapag-Lloyd AG have PCI DSS certification ?
According to Rankiteo, Hapag-Lloyd AG does not currently maintain PCI DSS compliance.
Does Hapag-Lloyd AG comply with HIPAA ?
According to Rankiteo, Hapag-Lloyd AG is not compliant with HIPAA regulations.
Does Hapag-Lloyd AG have ISO 27001 certification ?
According to Rankiteo,Hapag-Lloyd AG is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Hapag-Lloyd AG
Hapag-Lloyd AG operates primarily in the Maritime Transportation industry.
Number of Employees at Hapag-Lloyd AG
Hapag-Lloyd AG employs approximately 14,724 people worldwide.
Subsidiaries Owned by Hapag-Lloyd AG
Hapag-Lloyd AG presently has no subsidiaries across any sectors.
Hapag-Lloyd AG’s LinkedIn Followers
Hapag-Lloyd AG’s official LinkedIn profile has approximately 852,554 followers.
NAICS Classification of Hapag-Lloyd AG
Hapag-Lloyd AG is classified under the NAICS code 483, which corresponds to Water Transportation.
Hapag-Lloyd AG’s Presence on Crunchbase
No, Hapag-Lloyd AG does not have a profile on Crunchbase.
Hapag-Lloyd AG’s Presence on LinkedIn
Yes, Hapag-Lloyd AG maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/hapag-lloyd-ag.
Cybersecurity Incidents Involving Hapag-Lloyd AG
As of December 23, 2025, Rankiteo reports that Hapag-Lloyd AG has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Hapag-Lloyd AG has an estimated 2,135 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Hapag-Lloyd AG ?
Incident Types: The types of cybersecurity incidents that have occurred include Cyber Attack.
How does Hapag-Lloyd AG detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an containment measures with warning users about phishing emails, and remediation measures with recommending manual url entry instead of clicking links, and communication strategy with public advisory to users..
Incident Details
Can you provide details on each incident ?
Title: Spear-Phishing Attack on Hapag-Lloyd (March 2022)
Description: In March 2022, the Hamburg (Germany)-based Hapag-Lloyd head office was hit by a spear-phishing attack. The IT security team discovered a copy of its website, which was being used by criminals. The criminals sent hyperlinks via email to redirect users to the fake site. Once users logged in, the criminals were able to steal their personal data. After detecting the incident, the company warned users about incoming emails and recommended accessing the website by manually entering the URL instead of clicking on links.
Date Detected: 2022-03
Date Publicly Disclosed: 2022-03
Type: spear-phishing
Attack Vector: email (malicious hyperlinks)
Vulnerability Exploited: user trust in legitimate-looking emails/websites
Motivation: data theft (personal data)
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Cyber Attack.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through spear-phishing email (malicious hyperlink).
Impact of the Incidents
What was the impact of each incident ?
Incident : spear-phishing HAP508092125
Data Compromised: Personal data (user credentials)
Systems Affected: fake website (spoofed Hapag-Lloyd site)
Brand Reputation Impact: potential reputational damage due to phishing incident
Identity Theft Risk: high (stolen credentials could lead to identity theft)
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are User Credentials (Usernames, Passwords) and .
Which entities were affected by each incident ?
Incident : spear-phishing HAP508092125
Entity Name: Hapag-Lloyd
Entity Type: company
Industry: shipping/logistics
Location: Hamburg, Germany
Response to the Incidents
What measures were taken in response to each incident ?
Incident : spear-phishing HAP508092125
Incident Response Plan Activated: True
Containment Measures: warning users about phishing emails
Remediation Measures: recommending manual URL entry instead of clicking links
Communication Strategy: public advisory to users
Data Breach Information
What type of data was compromised in each breach ?
Incident : spear-phishing HAP508092125
Type of Data Compromised: User credentials (usernames, passwords)
Sensitivity of Data: high (personal authentication data)
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: recommending manual URL entry instead of clicking links, .
How does the company handle incidents involving personally identifiable information (PII) ?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by warning users about phishing emails and .
Lessons Learned and Recommendations
What recommendations were made to prevent future incidents ?
Incident : spear-phishing HAP508092125
Recommendations: Educate users on recognizing phishing emails and spoofed websites., Implement multi-factor authentication (MFA) to mitigate credential theft risks., Monitor for fake domains or websites impersonating the company.Educate users on recognizing phishing emails and spoofed websites., Implement multi-factor authentication (MFA) to mitigate credential theft risks., Monitor for fake domains or websites impersonating the company.Educate users on recognizing phishing emails and spoofed websites., Implement multi-factor authentication (MFA) to mitigate credential theft risks., Monitor for fake domains or websites impersonating the company.
References
Where can I find more information about each incident ?
Incident : spear-phishing HAP508092125
Source: Hapag-Lloyd public advisory (March 2022)
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Hapag-Lloyd public advisory (March 2022).
Investigation Status
What is the current status of the investigation for each incident ?
Incident : spear-phishing HAP508092125
Investigation Status: detected and mitigated (public warning issued)
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Public Advisory To Users.
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : spear-phishing HAP508092125
Stakeholder Advisories: Warning To Users About Phishing Emails.
Customer Advisories: recommendation to manually enter website URL instead of clicking links
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: were Warning To Users About Phishing Emails, Recommendation To Manually Enter Website Url Instead Of Clicking Links and .
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : spear-phishing HAP508092125
Entry Point: spear-phishing email (malicious hyperlink)
High Value Targets: User Credentials,
Data Sold on Dark Web: User Credentials,
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : spear-phishing HAP508092125
Root Causes: Successful Spoofing Of Hapag-Lloyd Website Via Phishing Links., User Susceptibility To Phishing Emails.,
Additional Questions
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2022-03.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2022-03.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were personal data (user credentials) and .
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was fake website (spoofed Hapag-Lloyd site).
Response to the Incidents
What containment measures were taken in the most recent incident ?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was warning users about phishing emails.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach was personal data (user credentials).
Lessons Learned and Recommendations
What was the most significant recommendation implemented to improve cybersecurity ?
Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was Implement multi-factor authentication (MFA) to mitigate credential theft risks., Monitor for fake domains or websites impersonating the company. and Educate users on recognizing phishing emails and spoofed websites..
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is Hapag-Lloyd public advisory (March 2022).
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is detected and mitigated (public warning issued).
Stakeholder and Customer Advisories
What was the most recent stakeholder advisory issued ?
Most Recent Stakeholder Advisory: The most recent stakeholder advisory issued was warning to users about phishing emails, .
What was the most recent customer advisory issued ?
Most Recent Customer Advisory: The most recent customer advisory issued was an recommendation to manually enter website URL instead of clicking links.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an spear-phishing email (malicious hyperlink).
.png)
Latest Global CVEs (Not Company-Specific)
Description
A vulnerability has been found in SeaCMS up to 13.3. The affected element is an unknown function of the file js/player/dmplayer/dmku/class/mysqli.class.php. Such manipulation of the argument page/limit leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the public and may be used.
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HappyDevs TempTool allows Stored XSS.This issue affects TempTool: from n/a through 1.3.1.
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tormorten WP Microdata allows Stored XSS.This issue affects WP Microdata: from n/a through 1.0.
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
Description
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in HappyDevs TempTool allows Retrieve Embedded Sensitive Data.This issue affects TempTool: from n/a through 1.3.1.
Risk Information
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Description
A vulnerability has been found in Tenda FH1201 1.2.0.14(408). Affected is the function sprintf of the file /goform/SetIpBind. Such manipulation of the argument page leads to stack-based buffer overflow. The attack may be performed from remote. The exploit has been disclosed to the public and may be used.
Risk Information
cvss2
Base: 9.0
Severity: LOW
AV:N/AC:L/Au:S/C:C/I:C/A:C
cvss3
Base: 8.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
cvss4
Base: 7.4
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/z472421519/BinaryAudit/blob/main/PoC/BOF/Tenda_FH1201/SetIpBind/SetIpBind.md
- https://github.com/z472421519/BinaryAudit/blob/main/PoC/BOF/Tenda_FH1201/SetIpBind/SetIpBind.md#reproduce
- https://vuldb.com/?ctiid.337689
- https://vuldb.com/?id.337689
- https://vuldb.com/?submit.719154
- https://www.tenda.com.cn/
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=hapag-lloyd-ag' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
