Carnival Corporation, the world’s largest cruise ship operator, has disclosed a data breach where the threat actors accessed some of its IT systems and the personal, financial, and health information belonging to customers and staff.

Carnival which employs more than 150,000 employees in around 150 countries, provides leisure travel to roughly 13 million guests each year.

The company operates nine of the world’s leading cruise line brands (Carnival Cruise Line, Costa, P&O Australia, P&O Cruises, Princess Cruises, Holland American Line, AIDA, Cunard, and Seabourn) and a travel tour company (Holland America Princess Alaska Tours).

According to the data breach notification by the cruise line operator, an unauthorized third-party had accessed a limited number of email accounts that was detected on March 19, 2021.

Carnival’s SVP & Chief Communications Officer Roger Frizzell stated that the attackers gained access to “limited portions of its information technology systems.”

The personal information relating to some of the guests, employees, and crew were accessed which includes data which is routinely collected during the guest experience and travel booking process or through the course of employment or providing services to the Company, including COVID or other safety testing.

The accessed information included names, addresses, phone numbers, passport numbers, dates of birth, health information, and, in some limited instances, additional personal information like Social Security or national identification numbers.

All the impacted customers, employees, as well as Carnival Cruise Line, Holland America Line, Princess Cruises, and medical operations crew were warned that they found evidence indicating “a low likelihood of the data being misused.”

Carnival was hit by a ransomware attack in August 2020 which was also confirmed by the cruise line operator in which the attackers gained access to the personal information of both customers and employees during the attack. A second ransomware attack also hit the company in December 2020. The cruise line was also affected by a data breach disclosed in March 2020.

Image Credits : Carnival Cruises

The post Carnival Cruise discloses data breach first appeared on Cybersafe News.

You May Also Like

How Chinese hackers gained access to Air India’s network and customer database

A devastating cyberattack was recently detected against SITA, a company that provides…

More than 770 million records available through the Travis CI API: Anyone can extract tokens, secrets, and other credentials associated with services like GitHub, AWS, and Docker Hub

Software development and testing platform Travis CI confirmed the second incident of…

Hacker claims to steal data of 100 million T-mobile customers

A threat actor claimed to have hacked T-Mobile’s servers and stolen databases…