AIDA Cruise Ships

In December 2020, AIDA Cruises faced a severe IT disruption attributed to a **DoppelPaymer ransomware attack**, crippling critical systems including phone and email communications. The incident forced the cancellation of **New Year’s Eve cruises**, including the *AIDAperla* voyage, leaving passengers stranded and operations paralyzed. The company publicly acknowledged the outage via website notifications, confirming that customers could not reach them through standard channels. While the full scope of data compromise remains undisclosed, the attack disrupted core business functions, leading to **financial losses from canceled bookings**, **reputational damage**, and **operational downtime**. The ransomware’s impact extended beyond IT systems, directly affecting customer trust and revenue streams during a peak holiday period. The incident underscores the vulnerability of the travel industry to cyber extortion, particularly when critical infrastructure like communication platforms is targeted.

Source: https://www.cruiselawnews.com/2020/12/articles/cyber-attacks/aida-cruise-ships-under-cyber-attack-are-costa-ships-also-affected/

TPRM report: https://www.rankiteo.com/company/aida-cruises

"id": "aid248092125",
"linkid": "aida-cruises",
"type": "Ransomware",
"date": "12/2020",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"

{'affected_entities': [{'customers_affected': 'passengers of cancelled cruises '
                                              '(e.g., AIDAperla)',
                        'industry': 'travel/hospitality (cruise line)',
                        'location': 'Germany (headquarters)',
                        'name': 'AIDA Cruises',
                        'type': 'company'}],
 'customer_advisories': 'email to passengers, website notice',
 'data_breach': {'data_encryption': 'likely (ransomware)'},
 'date_detected': '2020-12',
 'date_publicly_disclosed': '2020-12',
 'description': 'In December 2020, AIDA cruise ships experienced severe IT '
                "problems, leading to the cancellation of New Year's Eve "
                'cruises. The company attributed the disruptions to IT '
                'restrictions affecting phone systems and email, suspected to '
                'be caused by a ransomware attack (DoppelPaymer). Customers '
                'were unable to reach the company via phone or email, as '
                'indicated on their website.',
 'impact': {'brand_reputation_impact': 'moderate to high (public cancellation '
                                       'of major holiday cruises)',
            'customer_complaints': 'likely (due to cancelled cruises and '
                                   'communication outages)',
            'downtime': "prolonged (at least through New Year's Eve 2020)",
            'operational_impact': "cancellation of New Year's Eve cruises "
                                  '(e.g., AIDAperla)',
            'systems_affected': ['phone systems',
                                 'email systems',
                                 'website communication']},
 'investigation_status': 'suspicion of ransomware (DoppelPaymer) as of '
                         'December 2020',
 'motivation': 'financial (ransom)',
 'ransomware': {'data_encryption': 'likely',
                'ransomware_strain': 'DoppelPaymer'},
 'references': [{'source': 'BleepingComputer'}],
 'response': {'communication_strategy': 'email to passengers, website notice '
                                        'about communication outages',
              'incident_response_plan_activated': 'likely (given public '
                                                  'communication)'},
 'title': 'AIDA Cruises Ransomware Attack (DoppelPaymer) - December 2020',
 'type': 'ransomware'}