AIDA Canceled Cruises due to Unspecified IT Outage
Carnival Corporation’s brands AIDA and Costa Cruises are both reporting technical problems that are affecting operations. The problems were first announced by AIDA on December 25, but neither the corporation nor either of the cruise lines has confirmed a cyberattack or a malware intrusion.
AIDA released a brief statement on its social media and sent to passengers saying, “unfortunately, we are currently affected by IT restrictions. Therefore, we are currently not available to our customers by phone or email.” AIDA’s website however is functioning although Costa Cruises online booking engine is currently offline.
The unspecified technical problems were reported to be impacting AIDA’s ability to communicate with customers who were planning to board the line’s cruise ships in the Canary Islands, and according to German media preventing communications between the company’s headquarters and its cruise ships. Germany’s NDR media network is reporting that passengers are experiencing problems aboard the ships, which included no access to the on-board information systems and purchases being recorded on paper instead of the normal computer systems.
AIDA said that due to the IT restrictions that it had been forced to cancel the planned December 26 cruise on the AIDAperla and the December 27 cruise aboard the AIDAmar. Both ships resumed operations sailing limited cruises around the Canary Islands in December.
Germany’s NDR is also reporting that the public prosecutor's office in Rostock, Germany, where the line is headquartered, is investigating suspected computer sabotage.
As the amount of cyberattacks increase in the shipping industry, the cruise lines have been among the targets of hackers. Earlier this year Carnival Corporation confirmed a cyberattack on the systems for Carnival Cruise Line, Holland America Line, and Seabourn Cruises, each based in the United States. Hackers were believed to have been successful in accessing personal information of guests and crew from the three cruise lines as well as information from the company’s casino operations.
Similarly, in mid-December Norway’s Hurtigruten reported what it called a “comprehensive data attack” in the form of ransomware. Hurtigruten's global IT infrastructure appeared to be affected with a number of systems being taken down. Hurtigruten said that the probability that the attackers gained access to larger amounts of guest data was low, but it was possible that some employee information might have been compromised.
Elsewhere in the shipping industry, CMA CGM also suffered a high-profile cyberattack in 2020 that took its online systems down for a week, and even the International Maritime Organization was briefly offline due to malware.