Carnival Corporation Discloses Ransomware Attack; Personal Data of Employees and Guests Potentially Accessed
Carnival Corporation, the world”s largest cruise line operator, disclosed that one of its brands suffered a ransomware attack involving unauthorized access and encryption of data.
According to an 8-K form submitted to the Securities and Exchange Commission (SEC), the attack took place on August 15, 2020.
“Carnival Corporation and Carnival plc detected a ransomware attack that accessed and encrypted a portion of one brand”s information technology systems,” the company said. “The unauthorized access also included the download of certain of our data files.”
Following the security incident, Carnival announced an internal investigation, and notified law enforcement. They also engaged the services of third-party cybersecurity professionals, and “implemented a series of containment and remediation measures to address this situation and reinforce the security of its information technology systems.”
“The Company is working with industry-leading cybersecurity firms to immediately respond to the threat, defend the Company”s information technology systems, and conduct remediation,” Carnival added.
Although its initial assessment revealed the incident affected just a portion of a brand”s network systems, the report lacked details regarding the type of compromised information and the extent of the incident. However, the company “does not believe the incident will have a material impact on its business, operations or financial results.”
Despite this preliminary report, Carnival expects claims from its guests, employees and shareholders, revealing that the attack may have included unauthorized access to personal data of customers and employees.
“Nonetheless, we expect that the security event included unauthorized access to personal data of guests and employees, which may result in potential claims from guests, employees, shareholders, or regulatory agencies,” the filing reads. “Although we believe that no other information technology systems of the other Company”s brands have been impacted by this incident based upon our investigation to date, there can be no assurance that other information technology systems of the other Company”s brands will not be adversely affected.”
The cruise operator gave no additional information, such as the name of the impacted brand or type of ransomware used to encrypt its network.
Carnival Corporation & plc is the world”s largest leisure travel company with over 100 ships, providing cruise vacations to nearly 13 million guests per year. Carnival Cruise Line, Princess Cruises, Holland America Line, Seabourn, P&O Cruises (Australia), Costa Cruises, AIDA Cruises are among the most popular cruise line brands in the company”s portfolio.
Were you a victim of a data breach? Time to find out with Bitdefender”s Digital Identity Protection tool.
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US
July 16, 2021
How to protect yourself against cyberstalking
July 06, 2021
The Top Five Security Risks Smartphone Users Face Today
July 02, 2021
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials
July 02, 2021
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger
June 30, 2021
Mobile security threats: reality or myth?
June 13, 2021
FOLLOW US ON
You might also like
July 21, 2021
July 15, 2021