Skip to main content

Cruise operator Carnival reveals another data breach

(Image credit: Shutterstock.com / NAN728)
Audio player loading…

Carnival Corporation, the largest cruise ship operator in the world, has disclosed details about a cybersecurity (opens in new tab) incident involving unauthorized access of its records.

In a data breach letter (opens in new tab) sent to affected customers shared by Bleeping Computer (opens in new tab), the company acknowledged the incident occurred earlier this year in March and allowed the unauthorized users to access the  personal information relating to some of their guests, employees, and crew.

When quizzed by Bloomberg (opens in new tab), Carnival said that as soon as it became aware of the data breach, it “acted quickly to shut down the event and prevent further unauthorized access.”

Soon after the company notified the regulators and also hired a cybersecurity firm to look into the breach. 

Repeat targets

The investigation reportedly found that during the incident, personal data of customers, employees and crew of not just Carnival, but also of its subsidiaries Holland America and Princess lines, along with details of the company’s medical operations were accessed.

Carnival has said that it has evidence to suggest that there is a “low likelihood” of misuse of any of the breached data.

In addition to alerting the individuals whose details were leaked the company is also said to have set up a call center to respond to any queries from customers.

Notably, this isn’t the first security-related incident that has plagued Carnival. Bleeping Computer notes that the cruise line was first hit by a data breach in March 2020, followed by two ransomware (opens in new tab) attacks, first in August 2020 (opens in new tab) and then again in December 2020.

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.