P2020-ND-076

Carnival Corporation & plc and its subsidiaries and brands

In late May 2019, the Organization identified suspicious activity on its network and initiated an investigation. The Organization discovered that between April 11 and July 23, 2019, an unauthorized third party gained access to some employee email accounts that contained personal information regarding employees, crew, and guests. Approximately 124 employee email accounts, primarily at Princess Cruise Line, were compromised. The Organization reported that it appears that the unauthorized third party sought information related to payments and invoices. On September 19, 2019, the investigation further revealed on that personal information of customers was affected. The Organization reported that it does not have evidence indicating identity theft or misuse of personal information because of this incident.

File Type: pdf
Categories: 2020
Tags: Unauthorized access