Carnival Cruise has confirmed a significant data breach that affected nearly 6 million people, exposing a wide range of personal information after attackers gained access to part of its IT systems through social engineering. The company began notifying 5,995,277 customers after investigating unauthorized activity tied to an employee account and later determined that personal data had been copied.
The breach reportedly began on April 10, 2026, and by April 14 Carnival’s security team had identified suspicious access involving an employee account. According to the company, an attacker tricked an employee into granting access to a limited portion of its system, which allowed the intruder to move inside the network long enough to steal files before the activity was blocked. Carnival said it brought in outside security experts and started a formal investigation immediately after the incident was detected.
The data believed to have been exposed includes names, dates of birth, email addresses, genders, geographic locations, and loyalty program information linked to Carnival’s cruise brands. Reporting also suggests that some records may contain more sensitive identifiers such as government-issued ID numbers, passports, or driver’s license details, depending on the affected person. Have I Been Pwned said the leaked material appeared to relate to the Mariner Society loyalty program run by Holland America, a Carnival brand.
The ShinyHunters extortion group claimed responsibility for the attack and said it had obtained millions of records, along with internal corporate data. While Carnival has not publicly confirmed the group’s claim, the scale of the incident and the types of information exposed make it especially serious because the stolen details could be used for identity theft, account takeover, or highly targeted phishing. The breach also follows earlier security incidents at Carnival, adding to concerns about the company’s handling of sensitive customer data.
For affected travelers, the most immediate risk is that criminals could use the stolen information to impersonate Carnival or other travel companies in convincing scams. Customers should be alert for messages asking them to reset passwords, confirm bookings, or share documents, because those requests may be based on real personal details from the breach. Security experts generally advise changing account passwords, enabling multi-factor authentication, and monitoring financial and travel accounts closely after incidents like this.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: