Cruise giant says six million customers’ personal information was exposed in breach
The cruise conglomerate operates 90 vessels across several brands (Getty Images)
Carnival Corporation is offering two years of complimentary credit monitoring to nearly six million U.S. customers following a data breach that occurred in April.
The breach compromised the personal information of 5,995,277 people after a hacker used social engineering to deceive an employee and gain access to a limited portion of the company’s IT system.
Compromised data includes names, addresses, email addresses, phone numbers, birth dates, and government-issued identification numbers such as driver’s license and passport numbers, though the specific information varied by individual.
Carnival began sending individual email notifications on May 27, a timeline that has drawn criticism from some customers on online forums due to the perceived delay in communication.
While Carnival has not publicly verified it, Security Week reported that the extortion collective ShinyHunters has claimed responsibility for the cyberattack.
