Carnival Corp, a major player in the cruise industry, has reported a cybersecurity incident that compromised personal data. The breach, which occurred in April, involved unauthorized access to an employee’s account, leading to the exposure of personal information such as names, addresses, and government-issued identification numbers.

Response and Measures

Carnival acted swiftly to block the unauthorized activity, which was achieved through social engineering tactics. The company has engaged third-party security experts to conduct a thorough investigation into the incident. As part of its response, Carnival is notifying affected individuals via email and offering U.S. customers two years of free credit monitoring through TransUnion. Notifications began on May 27.

The company has also taken steps to strengthen its security and monitoring controls, committing to ongoing enhancements of its IT and data protection measures. Carnival has urged those affected to enroll in the free credit monitoring service, remain vigilant for potential fraud, review account activity and credit reports, and report any suspected identity theft to local authorities.

Background and Previous Incidents

This is not the first time Carnival has faced a cybersecurity challenge. In 2021, the company experienced unauthorized access to its computer systems, affecting personal information of guests, employees, and crew across several of its cruise lines, including Carnival Cruise Line, Holland America Line, and Princess Cruises.

The recurrence of such incidents highlights the importance of robust cybersecurity measures, especially in industries handling sensitive personal data. Carnival’s proactive approach in offering credit monitoring and enhancing security protocols reflects its commitment to protecting its customers and employees.

Original reporting: Appleton, WI News Feed (HLL/CB) — read the source article.