Carnival Corp Suffers Data Breach: Staff and Guests Compromised

It seems that Covid-19 isn’t the only thing hitting the cruise ship industry. Carnival Corp also suffered from a data breach as well.

It’s a pretty safe bet that the news has not been very good for the cruise ship industry. With Covid-19 being wallpapered across major media outlets all over the world, one of the focuses has been on cruise ships. In at least two instances, cruise ships were left stranded at sea as guests suddenly began being tested positive for the virus. In the weeks since, health officials recommended against taking cruises for fear cruise ships could be the perfect incubator for the virus.

While so much focus has been on the impacts of the virus impacting the cruise ship industry, much less attention is being given to another story that recently surfaced about the industry. Carnival Corp, one of the largest cruise ship corporations out there, has suffered a data breach. Reports say that hackers have hit the corporations web services and made off with personal information about both guests and staff alike. From Gizmodo:

Earlier this month, the multibillion-dollar cruise conglomerate Carnival Corp. announced that two of its most popular lines—Holland America and Princess Cruises—were respectively slammed with hacks compromising the sensitive personal intel of cruise-goers and cruise-workers alike. Even though neither announcement makes mention of when each respective breach was disclosed, pulling up the source code for the Princess line’s disclosure reveals that the post happened midday on March 2—just as the U.S. began to learn of the country’s first deaths from covid-19—which is probably why the breach news slipped past most of our radars.

Per Carnival, its cruise companies were hit sometime between April and July of last year, when “an unsanctioned third party gained unauthorized access to some employee email accounts that contained personal information regarding our employees, crew, and guests.”

What kind of information did the “unsanctioned third party” access? All the bad types. Carnival offers a brief rundown:

The types of data potentially impacted varies by individual but can include: name, address, Social Security number, government identification number, such as passport number or driver’s license number, credit card and financial account information, and health-related information.

The article goes on to say that Holland America is recommending people affected by the breach should contact their credit card company and put fraud alert notifications on their accounts as a precaution.

March is showing some… interesting… security incidences so far. Earlier this month, Clearview AI suffered a data breach. In it, their entire client list was stolen by hackers. After that, Telus owned Canadian mobile carrier Koodo suffered a data breach. Customer information wound up on the dark web and is being sold by hackers. The next day, we reported on UK mobile carrier Virgin Media who suffered from a data leak.

This latest breach will no doubt add an interesting dimension to the news stories surrounding the cruise ship industry.

Drew Wilson on Twitter: @icecube85 and Facebook.

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Scroll to Top