Carnival Corporation has announced it is providing two years of complimentary credit monitoring for some U.S. travelers affected by a data breach. This breach exposed nearly 6 million customers’ personal information.
Details of the Data Breach
In a statement, Carnival Corporation revealed that the breach occurred due to unauthorized access to part of its IT system. A social engineering attack on a user account was the cause. The company blocked the activity, engaged security experts, and informed law enforcement promptly. Investigations revealed certain personal details were accessed due to this incident.
A hacker managed to gain access by deceiving an employee, affecting the data of 5,995,277 individuals.
According to a filing with the Maine Attorney General’s office, personal details illegally accessed included names, email addresses, phone numbers, and more.
Company’s Response and Measures
Carnival emphasized they are conducting a “thorough and time-consuming analysis” to determine the extent of compromised information. They have already sent notifications to those affected. The company has introduced additional security measures on top of existing protections and vowed to enhance its security defenses continuously.
Carnival expressed regret over any concern caused to affected individuals. They stressed their commitment to protecting personal data privacy.
Issues with Notifications
In an online notice, Carnival addressed why some customers had not been notified promptly about the breach. They explained that due to the complex nature of the incident, identifying affected information and individuals took time.
Some customers voiced frustration online, with discussions on Reddit highlighting dissatisfaction over the notification delays. A claim that hackers published customer information on the dark web was mentioned, though not confirmed by Carnival.
Complimentary Credit Monitoring
Carnival is offering complimentary credit monitoring through TransUnion for U.S. customers impacted by the breach. The company advises customers to watch their accounts and credit reports closely. They should contact authorities if they detect any fraudulent activity.
Artificial Intelligence Advances Prompt Strategic Shifts 
Privacy Advocacy and Encryption Challenges: Meredith Whittaker’s Perspective 
The Travel Habit That Threatens Your Digital Security 
The Misguided Approach to AI Export Bans 
The Perils of Text Job Scams and How to Avoid Them 
FBI Constructs Mock Town for Cyberattack Training