NEWNow you can listen to Fox News articles!
Carnival Corporation, the world’s largest cruise company, has announced that it will offer American travelers two years of free credit monitoring after a data breach leaked the personal information of nearly 6 million customers.
“In April, we identified unauthorized access to a limited portion of our IT system resulting from a social engineering attack on a single user account,” Carnival Corporation said in a statement sent to Fox News Digital. “We immediately blocked the activity, contacted third-party security experts and alerted law enforcement.”
In a press release published on their website, Carnival said its investigation found that some personal information was illegally accessed by an unauthorized actor who tricked an employee into logging into its system.
MAJOR CRUISE COMPANY CANCELS ROCK-BOTTOM FEE AFTER OFFERING GREAT WEBSITE PRICES
According to the company’s data breach notice filed with the Maine Attorney General’s office, the hack affected the information of 5,995,277 people.
The company’s 2025 annual report said it served about 13.5 million guests by 2025 on its 90-ship fleet. In addition to Carnival Cruise Line, the company’s portfolio includes AIDA, Costa, Cunard, Holland America, P&O and Princess cruise lines.
Carnival Corporation serves 13.5 million passengers each year and has notified nearly 6 million customers of security breaches that may have affected their personal information. (Patrick Connolly/Orlando Sentinel/Tribune News Service via Getty Images)
Carnival said it was conducting a “thorough and time-consuming analysis” to determine what personal information was at risk.
The company said that so far, it has determined that names, email addresses, phone numbers, dates of birth and driver’s license and passport numbers were included in the affected data.
Carnival announced that it has sent notification letters to people affected by the cybersecurity incident.
CLICK HERE FOR MORE LIFESTYLE NEWS
“We appreciate the people affected and deeply regret any concern this has caused,” Carnival told Fox News Digital.
“Protecting the privacy and security of personal data is our top priority and we have added new layers of security and monitoring on top of the comprehensive protection that is already in place,” the company added. “We will also continue to improve our defense against evolving threats.”
In an online notice Carnival said it was intended for people who could not send notice letters, the company raised concerns about the length of time that passed before affected customers were notified of the breach.
A group of cybersecurity hackers is claiming responsibility for a security breach that compromised millions of people’s information, but the claim has not been confirmed by Carnival Corporation. (Stock)
The company included a “Why am I only getting this?” in the notification FAQ.
“We understand this process can feel slow, and we appreciate your patience,” Carnival responded. “Complex incidents such as these take time and thorough investigation to understand what information was affected and whose, and to ensure that notifications are handled appropriately. After identifying and stopping the incident, our focus quickly shifted to fully investigating it and communicating with all parties as quickly as possible.”
CLICK HERE TO SUBSCRIBE TO OUR LIFE NEWSLETTER
Some frustrated customers responded to the post on Reddit’s R/CarnivalCruiseFans forum.
“Currently our data is long gone,” wrote one analyst.
Others said they would prefer to be paid for their trouble or given a voucher for a future cruise.
TEST YOURSELF WITH OUR LATEST LIFESTYLE QUIZ
One Redditor mentioned a report that Carnival allegedly refused to pay the ransom to the hackers and now customer information is “published on the dark web.”
This report has not been verified by Carnival, and the company has not publicly disclosed where the customers’ personal information ends up.
Following the recent data breach, Carnival Corporation is offering its affected customers complimentary credit monitoring for two years. (Stock)
According to securityweek.com, the “notorious phishing group” ShinyHunters claimed credit for the attack. The website noted, however, that Carnival did not confirm the claim.
“From problems to data breaches. What’s going on with Carnival?” wrote another, referring to the company’s recent cancellation of cruise bookings after an apparent website error briefly displayed deeply discounted fares.
CLICK HERE TO DOWNLOAD THE FOX NEWS PROGRAM
Regarding the security breach, the company said it “offers US citizens two years of credit monitoring through its third-party vendor, TransUnion.”
In addition to enrolling in a credit monitoring program, Carnival encourages affected customers to carefully monitor accounts and credit history and contact local police if they suspect fraud or identity theft.
