Cruise operator Carnival said on Thursday it had detected unauthorised access to its computer systems in March, after which it alerted regulators and hired a cyber security firm to investigate the breach.
The company, whose shares were down over 2 percent, noticed the suspicious activity on March 19 and acted quickly to "to shut down the event and prevent further unauthorised access", it said in an emailed statement.
The breach affected personal information of some guests, employees and crew for Carnival Cruise Line, Holland America Line, Princess Cruises and medical operations, Carnival said.
"There is evidence indicating a low likelihood of the data being misused," the company added.
Miami-based Carnival also said it alerted individuals whose data had been compromised and set up a call center to respond to their queries.
Technology news website Bleeping Computer first reported the breach.
The disclosure from the company comes at a time United States has witnessed a spate of increasingly bold cyber attacks on critical infrastructure.
A ransomware attack on Colonial Pipeline last month temporarily stalled one of the country's major arteries for fuel delivery.
Meat processor JBS also had its US and Australian operations disrupted earlier this month due to a cyberattack.
Carnival was also hit by a ransomware attack last year, which affected the information technology systems of one of its brands.