Cargo Theft Statistics 2026: The Carrier-by-Carrier Breakdown

Cargo theft is not a single phenomenon. It is a portfolio of distinct crimes, each with its own corridor, its own commodity preference, and its own carrier signature, and the published statistics for 2026 only make sense when read with that distinction in mind.

The figures that circulate in trade press and broker bulletins, CargoNet's quarterly reports, TT Club's annual loss review, NICB advisories, the FreightWatch successor data sets, blend straight theft, strategic fraud, pilferage, and identity-based load misdirection into a single line item. The result is a number that sounds large and explains nothing. Operators who want to act on the data, rather than quote it in a board deck, need to separate the categories before they read the totals. This article does that work, carrier by carrier, corridor by corridor, commodity by commodity, with the qualifications the source data forces on anyone who reads it honestly.

The framing here follows the operator logic developed in Chapter 14 of BOSWAU + KNAUER. From Building to Security Technology: industry and logistics customers do not need universal coverage, they need to know where loss concentrates and where intervention pays. The numbers that follow serve that question.

How the 2026 totals actually break down

Aggregate reporting for the 2025 to 2026 window points to a continued upward drift in recorded cargo theft incidents across North America and Western Europe, with the strongest growth in strategic theft, that is, fraud-driven load misdirection, rather than in physical hijacking. CargoNet's published quarter-over-quarter trajectory through 2024 and into 2025 indicated double-digit percentage growth in reported events, and the early 2026 picture continues that line. TT Club's loss data, which leans heavily on insured marine and inland transit claims, shows a similar shape, with fictitious pickups and double-brokering scams climbing while classic warehouse burglary remains roughly flat in count but heavier in average loss value.

The first qualification any honest reader must apply: the 2026 totals are floors, not ceilings. CargoNet and TT Club only see what gets reported, and the underreporting rate in cargo theft is structurally high. Shippers settle quietly with carriers to preserve commercial relationships, carriers settle quietly with insurers to preserve renewal terms, and a meaningful share of pilferage never reaches a police report because the per-incident value falls below the operator's pain threshold for paperwork. NICB has consistently flagged this gap. ASIS International working groups on supply chain security have argued that the true incident count runs somewhere between 1.4 and 2.1 times the recorded figure, depending on jurisdiction.

The second qualification concerns the average loss per event. Public commentary tends to lead with the headline mean, which 2026 data places in the low to mid six figures USD for full-truckload theft in the United States, and in a similar euro band for high-value European long-haul events. That mean is misleading. The distribution is heavily skewed by a small number of very large losses, typically electronics, pharmaceuticals, and copper shipments, while the median sits considerably lower. Operators building risk models against the mean overprovision for tail events and underprovision for the volume layer where most loss actually concentrates. The median is the more honest planning anchor.

The third qualification: strategic theft now accounts for a share of reported events that no operator could have credibly forecast five years ago. The 2026 mix in the United States places fictitious pickup, identity theft of legitimate carriers, and double-brokering schemes at a meaningful double-digit percentage of all reported cargo theft. The figure varies by source, and the methodological debate is real, but the direction is not in dispute. The crime has moved off the road and into the broker portal.

The carrier-by-carrier signature

Reading cargo theft data by carrier type, rather than by aggregate, changes what the numbers say. Full-truckload over-the-road carriers in the United States carry the largest absolute exposure because they carry the largest absolute volume, and CargoNet's reporting consistently places this segment at the top of incident counts. The signature here is unattended trailer theft from truck stops, drop yards, and unsecured terminals, with concentration in the late evening to early morning window and a strong weekend bias around long-weekend holidays. The 2026 data continues to show the Thanksgiving, Christmas, and Independence Day weekends as elevated-risk periods, with reported incident density running materially above the rolling average in the days immediately before and after.

Less-than-truckload carriers show a different signature. The exposure is lower per event because the consignments are smaller, but the pilferage rate inside cross-dock facilities is higher and harder to detect, because the same parcel can pass through three or four handling points before the consignee opens it. TT Club's claims data captures this pattern in the inland leg of marine shipments, where loss is often booked against the carrier with the weakest documentation rather than against the carrier where the loss actually occurred. The reporting structure rewards whoever closes their books first.

Intermodal rail carriers in 2026 carry a profile that has shifted markedly since the container theft surge documented along the Los Angeles basin in 2021 and 2022. Class I railroads have invested in perimeter and sensor coverage, and the published incident counts have come down from the peak, but the displacement effect is visible: incidents have migrated toward intermodal ramps and the first-mile drayage segment, where carrier responsibility is fragmented and security investment has not kept pace. NICB advisories through 2025 flagged this displacement explicitly.

Owner-operators and small fleets show a profile that the aggregate data tends to hide. They are overrepresented in fictitious pickup cases because they have less mature vetting infrastructure, they are overrepresented in fuel and tire theft because they park where they can rather than where they should, and they are underrepresented in formal incident reporting because the administrative cost of filing is higher relative to fleet size. The 2026 picture for this segment is worse than the topline suggests.

European road haulage, captured under the CMR convention, shows yet another signature. Incident reporting is fragmented across national police systems, and TAPA EMEA's intelligence service remains the most coherent single source. The 2026 data continues to point to a concentration of high-value losses along the Rotterdam-Ruhr corridor, the French A1 and A26 axes, and the Italian motorway network south of Milan, with a persistent secondary cluster in the Spanish Mediterranean arc.

Which corridors absorb the loss

Corridor analysis is where cargo theft data turns operational. The 2026 North American picture continues to place California, Texas, Florida, Illinois, and Georgia at the top of state-level incident counts, with the I-10 corridor between Los Angeles and Houston, the I-95 corridor from the southeastern ports up through the Mid-Atlantic, and the Memphis-Atlanta-Dallas triangle absorbing a disproportionate share of full-truckload events. The corridor concentration is not random. It tracks the intersection of high-volume freight flow, accessible interstate truck stop infrastructure, and proximity to dense urban populations where stolen goods can be moved quickly into secondary distribution.

The I-81 corridor through the Appalachian states has shown elevated activity through 2025 and into 2026, a shift that CargoNet flagged in late 2024 and that has held in subsequent quarters. Operators routing high-value loads through that axis without overnight secured parking are accepting a risk premium they often have not priced.

In Europe, the corridor logic differs in shape but not in principle. The Rotterdam-Ruhr-Frankfurt axis carries the heaviest absolute exposure because it carries the heaviest absolute volume, and TAPA EMEA's incident reporting has placed it consistently at the top of European corridor risk through 2025. The French motorway network south of Paris shows persistent hot zones, particularly around Lyon and the rest areas along the A7 toward the Mediterranean. The German Autobahn network is, on a per-kilometer basis, safer than the French network, but the absolute incident count is high because the volume is high. The Polish corridors linking the Baltic ports to the German border and onward have shown sustained activity, with a particular concentration on electronics and tobacco shipments.

The corridor data carries one further qualification. Reported incidents cluster where reporting infrastructure is strongest, which means the relative safety of a corridor in the published data may partly reflect the weakness of local reporting rather than the absence of crime. Operators who plan around the published map without testing it against their own claims history are working with a partial picture.

Which commodities are taken

Commodity targeting in 2026 follows a logic that has been stable for years and continues to refine itself. Electronics remain the single most-targeted category by value, with consumer electronics, semiconductors, and mobile devices leading the list. The targeting is rational. The goods are dense in value per pallet, they are fungible in secondary markets, and they are difficult to trace once removed from original packaging.

Food and beverage have moved into the top tier by incident count, a shift that CargoNet documented through 2023 and 2024 and that has continued into 2026. The category is attractive because it is high-volume, lightly secured, and effectively untraceable once it enters informal distribution. Energy drinks, nuts, meat, and seafood appear repeatedly in the top-targeted subcategories. The economics are simple: a refrigerated trailer of mixed protein can be sold into secondary channels within twenty-four hours, and the consignee has no realistic prospect of recovery.

Pharmaceuticals carry the highest average loss per event but a lower incident count. The targeting is selective and often informed, which is why pharmaceutical shippers have moved most aggressively toward layered security combining GPS, sensor instrumentation, and convoy protocols. The 2026 data shows that this investment has compressed the incident rate in the segment, though it has not eliminated it.

Building materials and metals, particularly copper, have moved up the target list as commodity prices have stayed elevated through the 2024 to 2026 window. Copper wire and pipe theft from construction yards and material laydown areas shows a pattern that overlaps directly with the construction site security questions documented in Chapter 10 of the manuscript referenced above. The crossover between cargo theft and site theft is operationally relevant because the same offender networks often work both targets.

Tires, automotive parts, and household goods round out the volume layer. None of these categories carries the headline value of electronics or pharmaceuticals, but the cumulative loss is substantial because the incident count is high and the per-event reporting threshold often filters them out of aggregate statistics entirely.

What the data does not show

Every honest reading of cargo theft statistics ends with a list of what the data does not capture. The 2026 figures from CargoNet, TT Club, NICB, and the regional TAPA chapters do not capture insider involvement consistently, even though investigators routinely identify it in retrospect. They do not capture cyber-enabled theft, where a load is misdirected through compromised broker credentials, in the same category as physical theft, even when the operational outcome is identical. They do not capture the displacement effect cleanly, so when a corridor or commodity drops in the rankings, the analyst cannot tell from the public data alone whether the underlying crime has been reduced or has migrated elsewhere.

The 2026 data also does not capture the cost of prevention that did not happen. A yard that hardened its perimeter in 2024 and saw zero incidents in 2025 and 2026 will not appear in the loss statistics, but the investment shows up in the operating budget. The reverse case, a yard that declined to invest and absorbed three serious losses, appears in the statistics and reads as bad luck. The distinction matters for any operator trying to make the case internally for capital expenditure on yard security, perimeter sensing, and the kind of mobile, redeployable surveillance towers and autonomous patrol platforms that have become standard equipment on serious logistics sites. NIST CSF 2.0 and IEC 62443, applied to the operational technology layer of yard and terminal infrastructure, provide the control framework that turns the data into a defensible posture rather than a series of reactions.

There is one further point the data does not surface on its own. Cargo theft is a learning crime. Offender networks adapt to the controls operators deploy, and the lag between deployment and adaptation is shortening. A yard that installed fixed CCTV in 2018 and considered the question settled is, in 2026, working with a depreciated control against an adapted threat. The published statistics will eventually show that, but they will show it after the fact.

Where to find the live data

For operators who need to track the picture in something closer to real time, the working source set is narrow and worth naming. CargoNet publishes quarterly incident summaries and trend analyses, accessible to members and partially to press. The TT Club annual loss review remains the most coherent international view from the insurance side. NICB publishes periodic advisories on emerging cargo theft patterns in the United States. TAPA EMEA, TAPA Americas, and TAPA APAC publish incident intelligence to their member networks, with public summaries appearing in trade media on a delayed basis. ASIS International provides standards and working group output that contextualizes the raw data. The FBI's Uniform Crime Reporting program captures a subset of cargo theft events but historically undercounts because of jurisdictional definition issues.

For European operators, the GDV in Germany publishes loss statistics that include the transport line, and national insurance associations across the EU publish comparable, though less granular, data. The BSI's IT-Grundschutz catalogues address the cyber-enabled component of cargo theft, which is increasingly inseparable from the physical component.

None of these sources is sufficient alone. The operator who reads only CargoNet will miss the strategic theft layer that TAPA captures more cleanly. The operator who reads only TT Club will see the insured loss layer but not the unreported pilferage that erodes margin without ever triggering a claim. The honest map requires triangulation.

What holds

Cargo theft in 2026 is more diverse, more strategic, and more digitally enabled than the aggregate figures suggest. The headline numbers are useful only as a starting point, and the operator who builds a security investment case on the topline alone is building on the wrong layer of data. The picture sharpens when the figures are separated by carrier type, by corridor, by commodity, and by the distinction between physical and strategic theft.

The practical consequence is that yard security, terminal perimeter integrity, driver vetting, broker verification, and load tracking are no longer separate disciplines. They form one continuous control surface, and the operators who treat them as one are absorbing materially less loss than those who treat them as five separate line items reporting to five separate budget owners. The 2026 data supports that observation across every corridor and commodity for which the reporting is robust enough to read.

For operators who want to test where their own exposure sits against the corridor and commodity map described above, the path is Path II from the manuscript referenced at the opening: a three to five day audit conducted on site, covering the standorts at highest theoretical exposure given the load mix and route portfolio, ending in a written report with a schwachstellenkatalog, a 24-month vorfallhistorie reconstructed from available records, and a wirtschaftlichkeitsrechnung in three scenarios. The report belongs to the operator. What gets done with it is the operator's decision.

Frequently asked questions

How much cargo is stolen in 2026?

Reported cargo theft losses in North America for 2026 are tracking at a level consistent with continued double-digit growth from the 2023 baseline, with aggregate reported losses running into the high hundreds of millions of USD annually and credible estimates of true losses, including unreported events, considerably higher. European figures captured through TAPA EMEA and national insurance bodies show a similar trajectory in euro terms. The published totals are floors, not ceilings, because underreporting in this crime category is structural. Operators should plan against the median per-event loss, not the headline mean.

Which corridors are highest-risk?

In North America, the I-10, I-95, and the Memphis-Atlanta-Dallas triangle continue to absorb the largest absolute share of full-truckload theft events, with California, Texas, Florida, Illinois, and Georgia leading the state-level rankings. The I-81 corridor has shown elevated activity since late 2024. In Europe, the Rotterdam-Ruhr-Frankfurt axis carries the heaviest absolute exposure, with persistent hot zones along the French A1, A7, and A26, the German Autobahn network around major industrial centers, the Italian motorway network south of Milan, and the Spanish Mediterranean arc.

Which commodities are top targets?

Electronics remain the leading commodity by event value, with consumer electronics, semiconductors, and mobile devices most exposed. Food and beverage have moved into the top tier by incident count, particularly energy drinks, nuts, meat, and seafood. Pharmaceuticals carry the highest average loss per event but a lower incident count due to selective targeting. Copper, building materials, tires, automotive parts, and household goods round out the volume layer. The mix reflects fungibility in secondary markets, value density per pallet, and the difficulty of tracing goods once they leave original packaging.

Where can I find the latest data?

The primary working sources are CargoNet quarterly reports for North America, TT Club's annual loss review for international marine and inland transit, NICB advisories for United States patterns, and TAPA chapters for member-level incident intelligence across EMEA, Americas, and APAC. The GDV publishes German transport loss figures, and national insurance associations across the EU provide comparable data at varying granularity. ASIS International and NIST provide control frameworks, and the BSI addresses the cyber-enabled component. No single source is sufficient. Triangulation across at least three of these sets gives the most defensible picture.