If you’ve ever cruised on a Carnival ship, your personal information might have been exposed in a recent hack.
The accessed data included personal information from customers, such as their name, address, email address, phone number, date of birth, and ID information (e.g., passport or driver’s license number).
According to a notice published by the company on May 27, Carnival’s IT department first became aware of unidentified access to a “limited portion” of the company’s IT system on April 14. The data is said to have been accessed through an act of social engineering, a form of cyberattack in which bad actors manipulate an individual into granting access to systems or information.
“The company acted swiftly to block the unauthorized activity and immediately began working with third-party security experts to further strengthen its security and to conduct a thorough investigation,” the company stated in the notice. “As part of this investigation, the company determined the bad actor illegally accessed certain personal information.”
Carnival began notifying affected individuals by email starting May 27, offering individuals a two-year complimentary subscription for TransUnion credit monitoring. The email included details for a dedicated call center that TransUnion set up to help individuals with enrollment.
Individuals who think they might be affected may also call the TransUnion call center at 844-593-8310, from 8 a.m. to 8 p.m. ET, Monday through Friday, excluding major U.S. holidays.
In addition to these services, the company advises individuals to remain vigilant for fraud or identity theft and to notify the police if they suspect either.
The company is also taking next steps for the future.
“In addition to the comprehensive security measures the company had in place prior to the incident, it has taken steps to further safeguard its systems, including enhancing its security and monitoring controls,” Carnival said. “The company will continue to advance its IT security and data privacy controls to stay ahead of an ever-evolving threat landscape.”
