World's largest cruise line operator Carnival hit by ransomware

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
7,737
Cruise line operator Carnival Corporation has disclosed that one of their brands suffered a ransomware attack over the past weekend.

Carnival Corporation is the largest cruise operator in the world with over 150,000 employees and 13 million guests annually. The cruise line operates under the brands Carnival Cruise Line, Costa, P&O Australia, P&O Cruises, Princess Cruises, Holland American Line, AIDA, Cunard, and their ultra-luxury cruise line Seabourn.

In an 8-K form filed with the Securities and Exchange Commission (SEC), Carnival Corporation has disclosed that one of its brands suffered a ransomware attack on August 15th, 2020.

"On August 15, 2020, Carnival Corporation and Carnival plc (together, the “Company,” “we,” “us,” or “our”) detected a ransomware attack that accessed and encrypted a portion of one brand’s information technology systems. The unauthorized access also included the download of certain of our data files," the cruise line operator stated in their filing.

As part of the attack, Carnival states data was likely stolen and could lead to claims from those affected by the potential data breach.

"Nonetheless, we expect that the security event included unauthorized access to personal data of guests and employees, which may result in potential claims from guests, employees, shareholders, or regulatory agencies,"
 

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
7,737
In a 10-Q form filed with the SEC yesterday, Carnival confirmed that the unknown ransomware gang was able to gain access to personal information of both customers and employees during the attack.
The discovery was made during an investigation led by a major cybersecurity firm hired by Carnival following the August 15 incident. The company also notified data regulators and relevant law enforcement agencies.

"While the investigation is ongoing, early indications are that the unauthorized third-party gained access to certain personal information relating to some guests, employees, and crew for some of our operations," Carnival said. "There is currently no indication of any misuse of this information."
"While at this time we do not believe that this information will be misused going forward or that this incident will have a material adverse effect on our business, operations, or financial results, no assurances can be given, and further, we may be subject to future attacks or incidents that could have such a material adverse effect," Carnival added.