Carnival Corporation has warned that a cyberattack has leaked guests, employees and crew’s personal information across three of its brands.
The company initially disclosed a ransomware attack on one of its brands in August in a regulatory filing, but said it believed no other brands were affected by the breach.
Carnival did not disclose which brand had been affected in the August filing.
However, the cruise giant revealed last week that an unauthorised third party gained access to guests, employees and crew’s personal details through Carnival Cruise Line, Holland America Line and Seabourn, as well as casino operations.
Carnival said it had taken steps to recover its files, working alongside cybersecurity consultants, and that it has evidence indicating a low likelihood of data being misused.
The company said it is working to identify the guests affected by the breach and will send notifications to them in the next 30 to 60 days.
For consumers, Carnival has posted website notices and established a dedicated call centre to answer questions around the event.
The company said its information security team worked hard to shut down the intrusion and restore operations to prevent further unauthorised access as well as engaging a major cybersecurity firm to investigate the matter and notify law enforcement and appropriate regulators of the event.
Featured image source: iStock/undefined undefined