cyber Breach

Princess Cruises

May 11, 2023 1 min read
Princess Cruises

Princess Cruises had a data breach which compromised employee and guest personal information.

In late May 2019, a series of deceptive emails were sent to employees that resulted in unauthorized third-party access to some employee email accounts.

Princess cruises was shut down to prevent further unauthorized access.

The unauthorized third-party access compromsed certain email accounts containing employee and guest personal information, including names, Social Security numbers, government identification numbers, such as passport numbers, national identity card numbers, credit card, and financial account information, and health-related information.

Source: https://www.travelagentcentral.com/cruises/data-breach-affects-princess-cruises-holland-america-line-guests

TPRM report: https://scoringcyber.rankiteo.com/company/princess-cruises

"id": "pri2320221222",
"linkid": "princess-cruises",
"type": "Breach",
"date": "05/2019",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'industry': 'Cruise Line',
                        'name': 'Princess Cruises',
                        'type': 'Company'}],
 'attack_vector': 'Phishing',
 'data_breach': {'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personal information',
                                              'Social Security numbers',
                                              'Government identification '
                                              'numbers',
                                              'Passport numbers',
                                              'National identity card numbers',
                                              'Credit card information',
                                              'Financial account information',
                                              'Health-related information']},
 'date_detected': '2019-05',
 'description': 'Princess Cruises experienced a data breach in late May 2019 '
                'where unauthorized third-party access to employee email '
                'accounts compromised personal information of employees and '
                'guests.',
 'impact': {'data_compromised': ['Names',
                                 'Social Security numbers',
                                 'Government identification numbers',
                                 'Passport numbers',
                                 'National identity card numbers',
                                 'Credit card information',
                                 'Financial account information',
                                 'Health-related information'],
            'systems_affected': 'Email accounts'},
 'initial_access_broker': {'entry_point': 'Email accounts'},
 'post_incident_analysis': {'root_causes': 'Phishing emails leading to '
                                           'unauthorized access'},
 'response': {'containment_measures': 'Shutdown of operations to prevent '
                                      'further unauthorized access'},
 'threat_actor': 'Unauthorized third-party',
 'title': 'Princess Cruises Data Breach',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Employee email accounts'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.