Cybercrime

Cruise Operator Carnival Discloses 2019 Data Breach

Leisure travel company Carnival Corporation has started informing customers of a data breach that occurred last year and which resulted in their personal information being accessed by a third-party.

Ionut Arghire

March 5, 2020

The company owns 10 global cruise line brands and a tour company, has a fleet of 102 ships visiting more than 700 ports around the world, and employs over 120,000 people. The company serves nearly 11.5 million guests annually.

In a data breach notification (PDF) filed with the attorney general’s office in California, Carnival revealed that it launched an investigation after discovering suspicious activity on its network in May 2019.

“It now appears that between April 11 and July 23, 2019, an unsanctioned third party gained unauthorized access to some employee email accounts that contained personal information regarding our guests,” the company says.

According to Carnival, the intruders might have accessed a large amount of sensitive data, including names, addresses, Social Security numbers, passport numbers or driver’s license numbers, health-related information, and credit card and financial account details.

The company also says that the types of data potentially impacted in the incident vary by guest, adding that it does not have “any evidence of misuse of the personal information affecting any individual.”

The travel company says it has already contacted law enforcement on the matter, and that it is undertaking a review of its security policies and procedures, to improve its security program.

“We sincerely regret this occurred and for any concern that this may have caused you. We take very seriously our commitment to privacy and data security,” the company says.

Advertisement. Scroll to continue reading.

The company has yet to reveal how many of its customers were impacted in the incident.

SecurityWeek has contacted Carnival Corporation via email for additional details on the data breach and will update this article as soon as a reply arrives.

Written By Ionut Arghire

Ionut Arghire is an international correspondent for SecurityWeek.

Latest News

Click to comment

CIEM Chat: How to Reduce Cloud Identity Risk

March 26, 2024

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Virtual Event: Ransomware Resilience & Recovery Summit

April 17, 2024

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Navigating Vendor Speak: A Security Practitioner’s Guide to Seeing Through the Jargon

As a security industry, we need to focus our energies on those professionals among us who know how to walk the walk. (Joshua Goldfarb)

SD-WAN: Don’t Build a Dead End, Prepare for Future-Proof Secure Networking

SD-WAN must be scalable, stable, secure, and fully operational to serve as a strong base for seamless modernization and progression to SASE. (Etay Maor)

You Against the World: The Offenders Dilemma

Foreign attackers have many more toolsets at their disposal, so we need to make sure we’re selective about our modeling, preparation and how we assess and fortify ourselves. (Tom Eston)

Why Intelligence Sharing Is Vital to Building a Robust Collective Cyber Defense Program

With automated, detailed, contextualized threat intelligence, organizations can better anticipate malicious activity and utilize intelligence to speed detection around proven attacks. (Marc Solomon)

Know Your Audience When Speaking to Security Practitioners

How can security practitioners make sense of the vendor landscape and separate those who talk a good game from those who can execute, perform, and solve real problems for enterprises? (Joshua Goldfarb)

Cybercrime

Comodo Forums Hacked via Recently Disclosed vBulletin Vulnerability

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Eduard KovacsOctober 1, 2019