Some customers and employees of Carnival Corp. cruise lines have had their personal information stolen. The brands affected by the cruise data breach include Carnival Cruise Line, Holland America Line and Princess Cruises.
In a letter to customers, the operator suggested that outsiders could have gained access to a wealth of personal information including, passport numbers, dates of birth, addresses, and even the health information of some people. In some instances, additional personal information like national identification numbers have also been accessed.
According to a Carnival spokesman, the company detected the intrusion on March 19 and quickly “shut down the event” to “prevent further unauthorized access”. It has since hired a cybersecurity company to investigate what went wrong and is making data security improvements. Although for those affected by the breach, this could be too little too late.
So far, the business has not revealed how many employees and customers have been exposed in this data breach. Carnival has more than 150,000 employees and hosts around 13 million guests each year.
Are victims of the cruise data breach at risk?
While it says that “there is evidence indicating a low likelihood of the data being misused,” in our experience, it is unlikely that the company can say this with any confidence. Cybercriminals can cause considerable damage with the type of information accessed in this hack – including financial theft and identity fraud.
Indeed, the company has advised victims of the breach to review their account statements and credit history. It has also warned them to be vigilant of any follow-up phishing attacks by criminals using the stolen information.
A history of data failures?
This is not the first time that Carnival has experienced failures in its data security. The operator experienced three previous attacks last year when hackers broke into its systems. So, this is the fourth data breach Carnival has suffered in the last 18 months.
This leaves many people asking what lessons have previously been learned by the business, and how much importance it places on data security?
Is your data at risk following the Carnival data breach?
Carnival Corp. says that it has alerted all the individuals whose data had been compromised in this breach. It has also offered those affected free credit check monitoring and identity theft detection for 18 months.
While we would recommend that those at risk take advantage of these services, we would advise checking the small print of any offer to ensure that, by accepting, you are not prohibited from making a data breach claim.
If you have received notification of your involvement, you could have a data breach compensation claim. If you are an employee or customer of any of the affected cruise liners and you have not received any such notification, you have a legal right to ask whether your data was put at risk in this breach.
To find out about making a data breach claim against Carnival Corp., contact us today.