21:17 GMT30 July 2021
Listen Live
    Business
    Get short URL
    by
    0 122
    Subscribe

    Carnival Corporation subsidiary Princess Cruises announced last year that it had identified "suspicious activity" by an individual or entity who, in mid-2019, gained access to the personal information of both travelers and employees. It was later disclosed that the Carnival Corporation fell victim to a similar cyber attack on August 15, 2020.

    Carnival Corporation revealed to customers in a Thursday memo that an unauthorized actor may have obtained access to a number of individuals' personal details, including Social Security numbers, health records, passport information and dates of birth.   

    The data breach reportedly occurred on March 19, and impacted the British-American cruise operator's popular subsidiaries: Carnival Cruise Line, Princess Cruises Carnival Corp subsidiaries. Employees were also impacted by the data breach. 

    The company did not disclose how many individuals may have had their personal information compromised.

    Carnival spokesperson Roger Frizzell detailed that the cruise operator hired a cybersecurity firm to investigate the "unauthorized third-party" who gained access to the cruise operator's IT systems. 

    Those possibly impacted by the data breach have been notified, and the company has established a call center to assist with the matter, Frizzell asserted to The Hill on Friday. 

    The Carnival spokesperson claimed that, based on current evidence, there is no reason to believe the data is being misused. 

    While the cruise operator has reportedly implemented enhancements to its cybersecurity and privacy programs, this incident comes as the third major data breach associated with the Carnival Corporation since 2019. 

    Following both the 2019 data breach with Princess Cruises and the 2020 data breach with the Carnival Corporation, the cruise operator pledged to conduct a "review" to enhance its cybersecurity. 

    News of Carnival's latest breach comes alongside a string of alleged cyberattacks on US-affiliated companies and infrastructure. Within recent months, US-based JBS SA beef plants, Cox Media Group and the Colonial Pipeline have all been disrupted by ransomware.

    JBS and the Colonial Pipeline were not able to resume normal operations until they wired the cybercriminals some $11 million and $4.4 million, respectively. 

    Related:

    Bon Voyage: Norwegian Cruise Line May Skip Florida Ports Due to COVID-19 Vaccine Passport Ban
    New Zealand Central Bank Governor Apologizes For Data Breach, Says Probe Underway
    NHS Contract With US Tech Firm May Be 'Massive Breach' of Data Protection Law, Says medConfidential
    Failure To Act: BA Could Pay Out Up To £3bn In Settlement Fines Over 2018 Data Breaches, Report Says
    Ireland Hits Twitter With Fine in Landmark Ruling After 2019 Data Breach
    Tags:
    Carnival Cruise Lines, Carnival Cruise, cruise ship, cyber security, data breach, travel
    Community standardsDiscussion