Skip to main content

World’s largest cruise line operator hit by cyberattack

The largest cruise line operator in the world has been hit by a ransomware attack, with customer data also believed to have been accessed.

Carnival Corporation, which operates more than 100 vessels across 10 different brands that include Carnival Cruise Line, Princess Cruises, and Costa Cruises, notified the U.S. Securities and Exchange Commission (SEC) this week after detecting the attack on August 15.

In its report to the SEC, Florida-based Carnival said that its investigation so far shows that the perpetrators accessed and encrypted some of its computer data, and also downloaded a number of data files. It added that it’s likely the security incident also saw “unauthorized access to personal data of guests and employees.”

The company said it believes the attack targeted only one of its brands, but added that at this stage it could offer no assurance that the computer systems of its other brands were not affected.

Digital Trends has reached out to the company to ask which brand suffered the attack, how many customers may have been impacted, what personal data may have been taken, and for details of the ransomware demand. We will update this piece when we hear back.

Carnival told the SEC that when it spotted the attack, it immediately notified law enforcement, and called upon the services of cybersecurity firms to bolster the security of its computer systems and help it in its investigation.

A ransomware attack uses malicious software to lock a computer system by encrypting files. Once locked, hackers demand payment from the owner of the system in return for a decryption key to regain access to the data.

Such incidents can cause huge disruption for victims — whether individuals or companies — with some feeling they have little choice but to pay the hackers. Retail currency dealer Travelex for example, reportedly paid $2.3 million to regain access to its systems following a ransomware attack at the start of this year, while GPS and fitness-tracker firm Garmin, which suffered a damaging attack last month, may have paid a substantial sum to get its systems up and running again.

To avoid falling victim to a ransomware attack, you should make sure your computer’s security software is fully up to date. You’re also advised to avoid clicking on unverified links in emails that could deliver the malware to your system or your company’s servers. Downloading files from sites you know little about is best avoided, too, and steering clear of unfamiliar USB sticks is also recommended.

If a company does fall victim to a ransomware attack, those with robust back-up procedures are usually best placed to deal with it as they can reset their systems using safely stored data.

Editors' Recommendations

Trevor Mogg
Contributing Editor
Not so many moons ago, Trevor moved from one tea-loving island nation that drives on the left (Britain) to another (Japan)…
This anti-hacker group helps you escape ransomware for free
A depiction of a hacked computer sitting in an office full of PCs.

This week marks the sixth anniversary of the No More Ransom project, an initiative aimed at helping ransomware victims.

Operating as an online platform to help anyone who’s experiencing trouble after their system has been infected by some form of ransomware, No More Ransom was formed as a joint venture between law enforcement (Europol and the Dutch National Police) alongside IT security firms (Kaspersky and McAfee).

Read more
This researcher just beat ransomware gangs at their own game
A digital depiction of a laptop being hacked by a hacker.

A security researcher has discovered key flaws pertaining to popular ransomware and malware -- a state of affairs that could lead to their creators entirely rethinking the approach to infiltrate potential victims.

Currently, among the most active ransomware-based groups are the likes of Conti, REvil, Black Basta, LockBit, and AvosLocker. However, as reported by Bleeping Computer, the malware developed by these cyber gangs has been found to come with crucial security vulnerabilities.

Read more
Destructive hacking group REvil could be back from the dead
Person typing on a computer keyboard.

There was a period in 2021 when the computing world was gripped by fear of a dizzyingly effective hacking group fittingly named REvil -- until its website was seized by the FBI and its members arrested by Russia’s security services, that is. Yet like a malevolent curse that just can’t be dispelled, it now seems the group’s websites are back online. Has the group returned to spread discord and wreak havoc once again?

In case you missed them the first time around, REvil came to global attention by hacking into various high-profile targets, pilfering secret documents, then threatening their release unless a ransom was paid. In a notable case, the group stole and published files from Apple supplier Quanta Computer, including some that spilled the beans on unreleased product designs.

Read more