Incident Of The Week: Carnival Cruise Lines Hit By Cyber-Attack

Employee, Customer Data Compromised In Apparent Email Phishing



Kayla Matthews
03/06/2020

Cruise Ship Cyber-Attack

As the tech world heats up, so do cyber security threats. A Carnival cruise ship was subject to a cyber-attack in May of 2019. Though several months have passed, the effects are still lingering, with people worrying about what will happen next.

Princess Cruises, a branch of Carnival, recently stated that the cyber-attack from May 2019 came in the form of emails targeted towards employees. This resulted in the hackers obtaining access to these employee email accounts, unauthorized.

The email accounts contained both employee and customer information. This includes names, Social Security numbers, passport and other government identification numbers, national identity cards, health-related data and financial information like credit card numbers.

This news comes in the midst of the Carnival cruise ship COVID-19 coronavirus outbreak.

Carnival's Handling Of The Matter

After Carnival staff got word of the security breach, they say they immediately shut down the attack and took steps to prevent any further infiltrations. They then hired a major cyber security company to investigate the hack, although the details of the company remain private.

The cyber security firm helped Carnival reinforce its security and privacy. They also assisted in improving the protocols that come with cyber issues. This led to the cruise sector improving cyber defenses as a whole, too.

Because of the severity of the attack, Carnival has chosen to provide affected customers with credit monitoring services as well as identify protection services, both for free. Though the aftermath still remains, taking this step helps those affected protected themselves. However, hackers have not appeared to use any of the stolen data thus fur.

See Related: Incident Of The Week: Hospitality Property Management Software Databases Expose Hundreds Of Thousands Of Travel Reservations

The Effect On Enterprises

Due to the large-scale nature of this attack, enterprises of any size will be reconsidering their cyber security. Many hackers target medium-sized businesses but with Carnival, hackers demonstrated that big businesses are vulnerable, too. Since cyber-attacks increase every year, it's important that companies prepare.

An attack like this hurts customers, clients, employees and more when hackers steal data of such value. For any enterprise with customers or clients, it can deter them from repeating purchases or deals and prevent new business. Cleaning up after a cyber-attack, too, will cost the enterprise.

Businesses of any kind can use this as a learning experience. The fallout and expenses from a cyber-attack will typically cost more than improving security beforehand. It's better to prevent rather than fix or replace.

User information is a top priority. All enterprises must implement and maintain the utmost security to protect it.

See Related: Incident Of The Week: Data Privacy Rules Not Helping Security Researchers Inform Affected Enterprises

Steps For Prevention

If your business or enterprise involves any form of private information, it requires the best cyber security. If you're searching for where to start or how to improve your existing security posture, here are two actionable steps you can take to help prevent cyber-attacks.

Your first priority should be to order a security assessment. This process entails a thorough sweep and analysis of your enterprise's security.

Standard assessments should include reviewing your policies, estimating impacts and likelihood of cyber-attacks, locating issues and vulnerabilities and providing solutions. These steps can go a long way in helping your cyber security.

Second, you should encrypt everything. Data is valuable. As technology improves, so do cyber-attacks.

Encrypting everything from data and business details, files and personal information will help prevent breaches like Carnival's.

Cyber security risks increase every day and data is continually at risk. Staying informed and alert while taking actionable steps towards prevention will help keep your enterprise safe.

See Related: Incident Of The Week: Ransomware Hits Currency Dealer Travelex

RECOMMENDED