Exploit: Hacking
Carnival Cruise Lines: Cruise Ship Operator
Risk to Business: 1.651= Severe
Perennially cyber security challenged cruise line Carnival issued a breach disclosure on Thursday confirming hackers attacked email accounts and gained access to data about its customers and employees. The company said that the data snatched was collected during the travel booking process, through the course of employment or from providing services to the company, including COVID or other safety testing.
Risk to Business: 1.802= Severe
The passenger data accessed included names, addresses, phone numbers, passport numbers, dates of birth, health information, and, in some limited instances, additional personal information like social security or national identification numbers. No clear information was provided about the employee information that was exposed.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business This is the third major cyber security blunder for Carnival in just one year, and that is likely to create a great deal of mistrust with consumers just as the travel industry is getting back on it’s feet.
Source: SC Magazine