Cruise operator Carnival hit by ransomware

By

Guest and employee personal data taken.

Carnival PLC, which owns nine of the world's largest and best-known cruise lines, has announced that it has suffered a ransomware attack that encrypted some IT systems.

Cruise operator Carnival hit by ransomware

In a filing [pdf] to the United States Securities and Exchanges Commission watchdog, Carnival Corporation and PLC said it suffered the attack on August 15 this year.

User and employee data was stolen by the unnamed ransomware gang, which Carnival said could open up the company to legal action.

"We expect that the security event included unauthorised access to personal data of guests and employees, which may result in potential claims from guests, employees, shareholders, or regulatory agencies," Carnival added.

Carnival did not say how extensive the attack was, but has engaged cyber security consultants to contain and remediate the infection.

The leisure ship company is the owner of Princess Cruises, which operates the Ruby Princess liner that landed in Sydney in March with hundreds of COVID-19 positive passengers disembarking.

Carnival believes that IT systems of its brands like Princess weren't compromised in the ransomware attack, but added that "there can be no assurance" that they were not adversely affected.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:

Most Read Articles

"Widespread data theft" hits Salesforce customers via third party

"Widespread data theft" hits Salesforce customers via third party

Home Affairs adds SecOps to new cyber risk overhaul

Home Affairs adds SecOps to new cyber risk overhaul

Exetel fined $694k over system 'vulnerability' for mobile number porting

Exetel fined $694k over system 'vulnerability' for mobile number porting

Attackers weaponise Linux file names as malware vectors

Attackers weaponise Linux file names as malware vectors

Log In

  |  Forgot your password?