Cruise ship operator Carnival Corporation has reported that it has fallen victim to an unspecified ransomware assault which has accessed and encrypted a portion of a person of its brand’s IT methods – and the own info of both of those its clients and employees may possibly be at possibility.
Carnival, which like the relaxation of the journey market has been stricken by the Covid-19 pandemic – it also operates Princess Cruises, proprietor of the sick-fated Diamond Princess, which observed by itself at the centre of the preliminary outbreak – described the incident to the US Securities and Exchange Commission (SEC) on 17 August.
In its form 8-K submitting, the corporation explained the cyber criminals who accessed its systems also downloaded a amount of its info files, which suggests it may be at imminent chance of a double extortion attack of the sort perpetrated by the Maze and ReVIL/Sodinokibi teams.
“Promptly upon its detection of the security party, the business released an investigation and notified legislation enforcement, and engaged lawful counsel and other incident response professionals,” said Carnival.
“While the investigation of the incident is ongoing, the business has applied a collection of containment and remediation steps to tackle this circumstance and boost the protection of its IT programs. The firm is performing with marketplace-primary cyber safety corporations to instantly reply to the threat, protect the company’s IT devices, and carry out remediation.”
Carnival claimed that primarily based on its preliminary evaluation, and on the information and facts at the moment recognised, the incident will not materially impact its business enterprise, functions or economical success.
“Nonetheless, we assume that the stability event provided unauthorised accessibility to personal info of company and employees, which may well result in opportunity claims,” it mentioned. “Although we consider that no other IT devices of the other company’s brands have been impacted by this incident centered on our investigation to day, there can be no assurance that other IT devices of the other company’s brands will not be adversely influenced.”
Carnival is the world’s most important cruise operator – it employs much more than 150,000 staff members and in more auspicious situations welcomes 13 million persons on board its ships each 12 months. In addition to Carnival Cruise Line and Princess Cruises, it also runs the Costa, P&O Australia, P&O Cruises, Holland American Line, AIDA, Cunard and Seabourn manufacturers. It has not yet disclosed which of these operations was afflicted.
Dan Panesar, Uk and Ireland director at Securonix, a expert in protection facts and event management (SIEM), mentioned that with the theft of personal information, the Carnival incident looked established to verify a specially horrible 1.
“It appears the attackers have used the typical diversion of a ransomware attack to divert consideration from the authentic aim of the attack, which was to steal worthwhile and delicate info,” he said.
Anurag Kahol, CTO at cloud security company Bitglass, additional: “The journey industry is an very desirable concentrate on to cyber criminals, as they can accumulate and retail store individually identifiable information and facts [PII] on billions of travellers each and every yr, including passport numbers, credit history card information and facts, e-mail addresses and much extra.”