![]() We engaged a major cybersecurity firm to investigate the matter and notified law enforcement and regulators of the incident.” reads the 10-Q form. “On August 15, 2020, we detected a ransomware attack and unauthorized access to our information technology systems. The company added that it is not aware of any misuse of the exposed information. Now the company filed a new In a 10-Q form with the SEC, it confirmed that an unknown ransomware gang also stole the personal information of its customers and employees. The company also announced to have already implemented a series of containment and remediation measures to respond to the incident and reinforce the security of its information technology systems. Upon the discovery of the security incident, the Company launched an investigation and notified law enforcement, it also hired legal counsel and cyber security professionals. The company also notified law enforcement agencies and data regulators.Īt the time, the company revealed that only one of its cruise line brands was affected by the security breach. “Nonetheless, we expect that the security event included unauthorized access to personal data of guests and employees, which may result in potential claims from guests, employees, shareholders, or regulatory agencies,” The unauthorized access also included the download of certain of our data files,” states the 8-K form filed with the SEC. “On August 15, 2020, Carnival Corporation and Carnival plc (together, the “Company,” “we,” “us,” or “our”) detected a ransomware attack that accessed and encrypted a portion of one brand’s information technology systems. In an 8-K filing with the US Securities Exchange Commission (SEC), the cruise line operators revealed that the incident took place on August 15. The company operates nine cruise line brands (Carnival Cruise Line, Costa, P&O Australia, P&O Cruises, Princess Cruises, Holland American Line, AIDA, Cunard, Seabourn) and a travel tour company (Holland America Princess Alaska Tours). The cruise line operates under the brands Carnival Cruise Line, Costa, P&O Australia, P&O Cruises, Princess Cruises, Holland American Line, AIDA, Cunard, and their ultra-luxury cruise line Seabourn. "As part of its ongoing operations, the company is continuing to review security and privacy policies and procedures and has been implementing changes as needed to enhance our information security and privacy program and controls," the spokesperson said.Ĭarnival saw two ransomware attacks in August and December of 2020, the company reported in April.Carnival Corporation has over 150,000 employees and 13 million guests annually. Carnival has since contacted the people who may have been affected by the data breach, and has created a call center to field any questions. However, "there is evidence indicating a low likelihood of the data being misused," the spokesperson told Insider. ![]() Personal information like Social Security and passport numbers, addresses, and health data may have been accessed during the breach, the Associated Press reported. ![]() The investigation later found that information on guests, crew members, and employees with Carnival Corp and several of its brands - Carnival, Holland America, Princess, and "medical operations" - were impacted by the "third party access to limited portions of its information technology systems," according to the spokesperson. In response to the breach, Carnival "shut down the event," informed regulators, and called on a cybersecurity company to look into the attack. See more stories on Insider's business page.Ĭarnival Corp says its guests' and employees' personal data may have been impacted in a data breach first discovered on March 19, a company spokesperson told Insider in an email statement on Friday. The company's Carnival, Holland America, and Princess cruise lines were affected.ĭata like Social Security and passport numbers may have been accessed, the Associated Press reported. Sam Greenwood/Getty ImagesĬarnival Corp says a data breach in mid-March may have impacted its guests' and employees' personal data. Carnival Cruise Line's Carnival Ecstasy cruise ship in March 2020.
0 Comments
Leave a Reply. |