Carnival Corporation – which has been plagued by cyberattacks over the past few years – issued a breach disclosure on Thursday confirming hackers attacked email accounts and gained access to data about its customers and employees.
In a data breach notification letter sent to affected customers, Carnival said that on March 19 it detected that an unauthorized third-party had access to a limited number of email accounts.
The data accessed included names, addresses, phone numbers, passport numbers, dates of birth, health information, and, in some limited instances, additional personal information like social security or national identification numbers.
According to Carnival, the impacted information includes “data routinely collected during the guest experience and travel booking process or through the course of employment or providing services to the company, including COVID or other safety testing.”
