Hackers accessed personal information of guests, employees & crew for Carnival Cruise, Holland America and Seabourn as well as casino operations.
They accessed personal information of guests, employees & crew for 3 cruise-line brands & the casino operations of Carnival Corp. in a ransomware attack the company observed on Aug. 15, officials have confirmed.
Carnival is still investigating, the company mentioned in an update on the situation this week. Carnival has been working with cyber-security consultants to recover its files & believes there is a “low likelihood of the data being misused,” the company suggested.
Encrypted
Carnival had already revealed that it was the target of a ransomware attack on Aug. 17, 2 days after the incident. At the time, the company acknowledged that hackers had accessed & encrypted a portion of 1 brand’s information technology systems, & had downloaded data files from the company.
Carnival continues to work “as quickly as possible to identify the guests, employees, crew & other individuals whose personal information may have been impacted,” says the update. Within 30-60 days, Carnival plans to finish the process & notify those known to be affected, provided the company has their current contact information.
Dedicated Call Centre
Anyone who believes they may have been affected can contact a dedicated call centre the company set up to answer questions regarding the event, Carnival commented. “When the investigation is complete, callers may confirm whether or not their information was affected,” the company observed.
Cruise operators, like many other tourist services-oriented companies, have been hit hard during the COVID-19 pandemic, which has inspired hackers to take advantage of their troubled situation. Indeed, threat actors have been attacking almost constantly across industries since March, when news of the pandemic 1st hit across the world, prompting business closures & stay-at-home orders that left organisations vulnerable.
Continued Vigilance
Describing the attack as “yet another example of the importance of proper investment in cyber security programs to protect company & customer data,” Terence Jackson, CISO at cloud privileged access management solution provider Thycotic, stressed continued vigilance as the pandemic persists.
“Attackers are not taking it easy during the pandemic,” he stated in an e-mail. “They are stepping the attacks up & we have to be ready.”
Continuity & Disaster
Business continuity & disaster recovery are 2 areas companies should consider strengthening during this unique time of vulnerability to attacks, noted Steve Durbin, MD of the Information Security Forum.
“Established plans that depend on employees being able to work from home, for example, do not stand up to an attack that removes connectivity or personally targets individuals as a means of dropping ransomware into the corporate infrastructure,” he observed.
Downtime
“Revised plans should cover threats to periods of operational downtime caused by attacks.”
Carnival commented that it is indeed taking proactive steps to strengthen its security position: reviewing security & privacy policies & procedures, & implementing changes when needed to enhance information security & privacy controls as it continues its review of the incident.