Sensitive customer and employee information may have been exposed during a March data breach, cruise giant Carnival Corp. announced Thursday.
Carnival told customers in a letter Thursday that a March cyber attack on their databases had potentially exposed the Social Security numbers, passport numbers, health records, and other sensitive information of its customers and employees, the Associated Press reported. Carnival engaged a cyber security firm to investigate the matter, who found hackers had accessed personal data.
“The investigation revealed unauthorized third-party access to certain personal information relating to some guests, employees and crew for Carnival Cruise Line, Holland America Line, Princess Cruises and medical operations,” Carnival spokesman Roger Frizzell told the Daily Caller News Foundation on Friday.
Carnival did not believe the hack to be a ransomware attack, and said there is a “low likelihood” that customer information had been misused. They did not confirm how many customers were affected. (RELATED: Russian Hackers Accessed Microsoft Users’ Accounts By Guessing Passwords In SolarWinds Cyberattack, Investigators Say)
The Carnival Cruise Ship ‘Carnival Vista’ heads out to sea. (RHONA WISE / AFP via Getty Images)
“The company has notified guests, employees, crew and other individuals whose personal information may have been impacted,” Frizzell said. “It also has established a dedicated call center to answer questions regarding the event.”
Carnival was the victim of a ransomware attack in August of last year that also exposed customer information, affecting three of the corporation’s brands: Carnival Cruise Line, Holland America Line, and Seabourn.
The announcement comes following a series of cyberattacks and data breaches on major U.S. companies and infrastructure. Meat packer JBS paid out an $11 million ransom earlier this month to ransomware hackers, while Colonial Pipeline paid hackers $4.4 million following its shutdown in May.
The Federal Bureau of Investigation blamed eastern European cyber criminals for both attacks. It is unclear who is responsible for the attack on Carnival.
All content created by the Daily Caller News Foundation, an independent and nonpartisan newswire service, is available without charge to any legitimate news publisher that can provide a large audience. All republished articles must include our logo, our reporter’s byline and their DCNF affiliation. For any questions about our guidelines or partnering with us, please contact licensing@dailycallernewsfoundation.org.