7/30/2023 0 Comments Carnival data breach 2021![]() The settlement funds will be used for reimbursement of the state’s actual costs and attorneys’ fees, the payment of restitution, if any, and for future consumer fraud or antitrust enforcement, consumer education, or public welfare purposes. In a settlement, Carnival agreed to implement several specific data security safeguards, including a comprehensive information security program and incident response and data breach notification plan to provide additional protections for consumers. ![]() Ten months later, Carnival provided notice to more than 100,000 consumers nationwide whose personal information was found in the compromised email accounts, including more than 3,000 Colorado residents. In an apparent business email compromise attack, the intruders compromised 124 Carnival employee email accounts. In late May 2019, Carnival learned that an employee email address was used to spam other company email accounts. “Businesses need to be vigilant to protect the personal information of their customers and employees from the actions of hackers and others intent on stealing that information,” Weiser said. “At a certain point, they are advertising to the world that they are an easy target and can look forward to more frequent and serious attacks,” Bambenek said.COLORADO SPRINGS - A cruise-based travel agency, will pay more than $24,700 to the state of Colorado in a $1.25 million multistate settlement after a 2019 data breach compromised the personal information of 3,037 Colorado residents.Īttorney General Phil Weiser announced that Carnival also agreed to implement additional data security safeguards to protect consumers’ information in the future. John Bambenek, threat intelligence adviser at Netenrich, pointed out that the fact that Carnival has been hit three times in the past several months means the company needs to ask some serious questions on what it’s doing to protect its sensitive information. “These types of attacks are often started through email phishing attacks, so organizations that wish to avoid the same issues as Carnival would be wise to invest in high-quality email filtering and an employee training program focused on spotting email phishing attacks and proper password hygiene.” “Most large cruises, by their very nature, tend to visit ports in foreign countries, so they must collect sensitive information to be used for customs preparation and other purposes related to the travel,” Kron said. ![]() Kron added that based on the type of data and the sheer volume it collects, it’s not a surprise they were attacked Carnival captures some very valuable data to attackers. Cruise operator Carnival Corp said on Thursday it had detected unauthorized access to its computer systems in March, after which it alerted regulators and hired a cybersecurity firm to. Just as cruise lines are starting to book trips after a long shutdown because of COVID-19, Carnival faces yet another cybersecurity issue, said Erich Kron, security awareness advocate at KnowBe4. ![]() The company operates many of the leading cruise lines, including Carnival Cruise Line and Princess Cruises. The news raised some eyebrows, because Carnival has been hit by multiple cyberattacks since 2019, including a ransomware incident last summer. Interestingly, the letter from Carnival said there was a “low likelihood” of the data being misused. The data accessed included names, addresses, phone numbers, passport numbers, dates of birth, health information, and, in some limited instances, additional personal information like social security or national identification numbers.Īccording to Carnival, the impacted information includes “data routinely collected during the guest experience and travel booking process or through the course of employment or providing services to the company, including COVID or other safety testing.” In a data breach notification letter sent to affected customers, Carnival said that on March 19 it detected that an unauthorized third-party had access to a limited number of email accounts. Carnival Corporation – which has been plagued by cyberattacks over the past few years – issued a breach disclosure on Thursday confirming hackers attacked email accounts and gained access to data about its customers and employees.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |