A ransomware attack on the Port of Vigo encrypted cargo management and port services systems, reverting operations to manual handling; no ransomware group, variant, or IOCs have been confirmed from available sources. This incident is most relevant to maritime, port, and critical infrastructure operators as a reference for OT/IT segmentation and ransomware resilience gaps. Peer organizations should validate network segmentation between IT and OT layers, MFA enforcement on remote access pathways, and backup infrastructure isolation as priority controls informed by this incident.