Carnival Corporation Reports Ransomware Attack Accessed Data

Carnival Corporation reports ransomware attack
(file photo)

Published Aug 17, 2020 6:03 PM by The Maritime Executive

Carnival Corporation and Carnival plc reported that for the second time in two years that they have detected a ransomware attack that accessed and encrypted a portion of its information technology systems. Without providing specific details, the company said in a filing that the latest incident of unauthorized access included the downloading of certain data files impacting one of the company’s brands.

Carnival Corporation said that it expects that the ransomware attack included unauthorized access to personal data of guests and employees. While the filing was vague in details Carnival warned that it may result in potential claims from guests, employees, shareholders, or regulatory agencies.  In addition, they said, “Although we believe that no other information technology systems of the other company’s brands have been impacted by this incident, based upon our investigation to date, there can be no assurance that other information technology systems of the other company’s brands will not be adversely affected.”

In 2019, two of Carnival’s brands, Holland America Line and Princess Cruises reportedly were also attacked by hackers.  At the time, the company reported that their investigation revealed unauthorized third-party access to personal information, including email accounts, names, Social Security numbers, and credit card information of some guests and employees.

Ransomware and other forms of cyberattacks have reportedly been on the rise in 2020 with the maritime industry being one of the latest targets for hackers. In the past, there have been high profile attacks such as that against Maersk, and the U.S. Coast Guard warned of an attack.

Cybersecurity consultancy Naval Dome reported a 400 percent increase in attempted hacks against the maritime industry between February and June 2020. They reported that the primary cause was an increase in malware, ransomware, and phishing emails attempting to exploit the COVID-19 pandemic, but Naval Dome also believes that global travel restrictions, social distancing measures, and the economic recession are beginning to cut into companies' self-defense capabilities. An increasing number of companies are having employees work from home access their computers which also increases the risks of a cyber attack.

Carnival reported that upon detection of the security event, the company had launched an investigation and notified law enforcement, and engaged legal counsel and other incident response professionals. While the investigation of the incident is ongoing, Carnival has also implemented a series of containment and remediation measures to address this situation and reinforce the security of its information technology systems. The company said it is working with industry-leading cybersecurity firms to immediately respond to the threat, defend its information technology systems, and conduct remediation.

Based on its preliminary assessment and on the information currently known (in particular, that the incident occurred in a portion of a brand’s information technology systems), Carnival said in its report that it does not believe the incident will have a material impact on its business, operations or financial results.