Carnival Cruise Line has confirmed that a data breach in April compromised nearly 6 million customer records. The attack involved social engineering targeting a single employee account, with the threat actor confirming the exfiltration of sensitive personal information by late April. This incident follows previous security breaches at the company and highlights ongoing vulnerabilities in corporate credential management.
ShinyHunters confirms theft of nearly 6 million passenger details via social engineering attack targeting a single employee account.
The stolen data includes names, home addresses, email addresses, phone numbers, dates of birth, driver's license numbers, and passport numbers. The breach was discovered after a threat intelligence group called ShinyHunters listed the records on its public leak portal. The initial figure cited by the group was 8.7 million records, which includes data tied to the Mariner Society loyalty program operated by Holland America Line.
Carnival has already begun notifying affected users, with notification letters sent out on May 27. This incident follows a 2019 breach that exposed approximately 180,000 records and another in 2021. Carnival has not released details regarding the overall financial consequences of the breach or specific expenses for recovery efforts.
Security researchers note that ShinyHunters frequently targets companies through compromised employee accounts or Salesforce environments. Recent high-profile victims include ADT and Mixpanel, indicating a broader trend of attackers exploiting third-party integrations for large-scale data theft. The cruise line has not provided public information about the exact technical systems targeted during the incident.
The Maine Attorney General's office is among the sources reporting on the breach, suggesting potential state-level regulatory scrutiny. The incident falls under high news value due to the volume of exposed personal identifiers and the involvement of a major travel vendor. Operations remain standard as staff evaluate the extent of the unauthorized access.



Discussion
0 comments
Log in to join the thread with a thoughtful take, question, or correction.