In May 2019, Carnival Corp., the parent company of Princess Cruises and Holland America Cruise Line, fell victim to a targeted **ransomware attack** in Florida, USA. The incident began when hackers gained unauthorized access to an employee’s account, allowing them to monitor internal email traffic and identify high-value targets within the organization. The attackers then encrypted portions of Carnival Corp.’s IT systems, disrupting operations and potentially exposing sensitive corporate and employee data. While the full scope of the breach was not publicly detailed, the attack highlighted vulnerabilities in the company’s cybersecurity defenses, particularly around credential protection and email security. The encryption of critical systems likely caused operational disruptions, financial losses from recovery efforts, and reputational damage. The attack also raised concerns about the potential exposure of employee and customer data, though no large-scale data leak was confirmed in public reports. Carnival Corp. had to invest in incident response, system restoration, and enhanced security measures to mitigate future risks.
Source: https://hospitalitytech.com/carnival-corp-announces-data-breach-affecting-two-its-cruise-lines
TPRM report: https://www.rankiteo.com/company/carnival-corporation
"id": "car311092125",
"linkid": "carnival-corporation",
"type": "Ransomware",
"date": "5/2019",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'shipping/cruise line',
'location': 'Florida, USA',
'name': 'Princess Cruises',
'type': 'subsidiary'},
{'industry': 'shipping/cruise line',
'location': 'Florida, USA',
'name': 'Holland America Cruise Line',
'type': 'subsidiary'},
{'industry': 'shipping/cruise line',
'location': 'Florida, USA',
'name': 'Carnival Corp',
'type': 'parent company'}],
'attack_vector': 'compromised employee account',
'data_breach': {'data_encryption': True},
'date_detected': '2019-05',
'description': 'In May 2019, shipping firm Princess Cruises & Holland America '
'Cruise Line, a part of Carnival Corp., was hit by a '
'ransomware attack in Florida, USA. Hackers gained '
"unauthorized access to a company employee's account and "
"encrypted a part of the company's IT systems. After "
"compromising the account and monitoring the company's email "
'traffic, the hacker allegedly identified potential targets.',
'impact': {'systems_affected': ["part of the company's IT systems"]},
'initial_access_broker': {'entry_point': 'compromised employee account',
'high_value_targets': 'identified potential targets',
'reconnaissance_period': 'monitored email traffic'},
'ransomware': {'data_encryption': True},
'title': 'Ransomware Attack on Princess Cruises & Holland America Cruise Line '
'(Carnival Corp)',
'type': 'ransomware'}