Exploit: Accidental data sharing
Holland America Line, Inc.: Cruise company
Risk to Small Business: 1.833 = Severe
When communicating with COVID-19 patients from a recently-docked cruise ship, authorities accidentally emailed an attachment that included the personal details to all cruise line passengers impacted by the virus. Compounding the problem, many recipients forwarded the email, expanding the scope of the data exposure. Impacting COVID-19 patients, this data breach is an awful event occurring at a terrible time.
Individual Risk: 1.905 = Severe
The breach includes patients’ personally identifiable information, including their names, addresses, dates of birth, email addresses, phone numbers, and passport numbers. The 247 passengers are also being asked to change their passport numbers. Victims should enroll in a credit and identity monitoring service to ensure the long-term integrity of this critical data.
Customers Impacted: 247
How it Could Affect Your Customers’ Business: This incident is a reminder that companies need a 360-degree approach to data security that accounts for all types of data loss opportunities. In this way, holistic cybersecurity training can equip employees to rightly prioritize company data and to take appropriate steps to mitigate the risk of a data breach.