{“lastseen”:”2026-05-28T14:05:07″,”description”:”Carnival Corporation, parent of Carnival Cruise Line, is sending out fresh \u201cNotice of Cybersecurity Event\u201d letters dated May 27, 2026. If you feel like you’ve read that sentence before, you’re not imagining things. Over the last decade, the world\u2019s largest cruise operator has accumulated a worrying track record of breaches, ransomware incidents, and regulatory penalties, with this 2026 incident adding yet another entry to an already lengthy cybersecurity history.\\n\\nThere are several data breaches involving Carnival Corporation or one of its subsidiaries in our database.\\n\\nBetween 2019 and 2021 alone, Carnival reported four separate cybersecurity events to the New York Department of Financial Services. These included two ransomware attacks and a phishing incident in which attackers deployed malware, accessed and encrypted internal systems, and stole personal customer and employee information.\\n\\nIn this latest case, an attacker used social engineering to trick a Carnival employee into granting access to part of the company\u2019s IT systems on April 14, 2026. By April 22, they used a compromised account to access a \u201climited portion\u201d of Carnival\u2019s IT systems, where they were able to copy personal data before being blocked.\\n\\nAccording to the data breach notice filed in Maine, a total of 5,995,277 people were affected. Carnival determined that the intruder had illegally copied files containing personal information and is now writing to affected individuals to tell them that \u201cdata elements\u201d relating to them were obtained.\\n\\nResearchers cited by Gblock say the stolen data appears to include:\\n\\n * Full names\\n * Email addresses\\n * Dates of birth\\n * Genders\\n * Mariner Society membership status and tier\\n * Internal customer identifiers\\n\\n\\n\\nThe template letter does not list specific data fields. Instead, it uses a placeholder:\\n\\n\\u003e \u201cWe have determined that your \\u003c\\u003cdata elements\\u003e\\u003e were obtained.\u201d \\n\\nThis strongly suggests that Carnival is populating each letter with data categories relevant to that particular individual, a common pattern in large breaches where people may have provided different information at different times.\\n\\nFurthermore, the letters contain the usual content about the speed with which the company acted, involving third\u2011party experts, and frame the affected systems as a limited subset of the environment. For recipients, the important fact is not how limited the breach was from the company\u2019s point of view, but whether the exposed information could be used for identity theft, fraud, or highly convincing phishing attacks.\\n\\n* * *\\n\\n\\n\\n### **Breaches happen every day.** Don’t be the last to know.\\n\\nSEE PLANS\\n\\n* * *\\n\\nWe do know from past Carnival incidents that exposed data has included names, addresses, dates of birth, passport numbers, health information, and payment details. In previous breaches affecting cruise lines, compromised data has ranged from basic contact details to Social Security numbers and credit card information. Carnival has not publicly disclosed the full categories of data involved in the 2026 incident, but given that this 2026 event again involves \u201cpersonal information\u201d copied from internal systems, it is reasonable to treat it as a serious privacy incident, even if the exact mix of data varies per person.\\n\\nThe attack was claimed by extortion group ShinyHunters, which is known to steal data and then ask for a ransom. If the victim does not agree to the terms, the data will be published and\/or sold to the highest bidder.\\n\\nShinyHunters offers Carnival data for download\\n\\nFrom a cybercriminal\u2019s perspective, cruise industry data is highly prized. Cruise passengers are often relatively wealthy, and passenger records can combine identity data (names, addresses, dates of birth, passport numbers), contact data (emails, phone numbers), and potentially payment data (card numbers and sometimes bank details), making them valuable for identity theft, targeted phishing, and fraud.\\n\\n## What to do if you\u2019re affected\\n\\nTo mitigate the fallout, Carnival is offering a complimentary 24\u2011month TransUnion credit\u2011monitoring package, delivered via the MyTrueIdentity platform and supported by Cyberscout for fraud assistance. \\n\\nBe cautious of emails, texts, or calls claiming to come from Carnival or credit-monitoring providers, as cybercriminals often exploit breaches with phishing scams. Read our advice on what to do when you find out you\u2019re involved in a data breach.\\n\\n* * *\\n\\n**What do cybercriminals know about you?**\\n\\nUse Malwarebytes\u2019 free **Digital Footprint scan** to see whether your personal information has been exposed online.\\n\\nSCAN NOW”,”published”:”2026-05-28T12:04:52″,”modified”:”2026-05-28T12:04:52″,”type”:”malwarebytes”,”title”:”Carnival confirms data breach impacting nearly 6 million”,”source”:””,”references”:””,”id”:”MALWAREBYTES:ABD9B0EEEB1A018973AAABAA3373A5D8″,”bulletinFamily”:”blog”,”cwe”:null,”cvelist”:[],”sourceData”:””,”sourceHref”:””,”cvss”:{“score”:0,”severity”:”NONE”,”vector”:”NONE”,”version”:”NONE”},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/www.malwarebytes.com\/blog\/data-breaches\/2026\/05\/carnival-confirms-data-breach-impacting-nearly-6-million”,”category_name”:”News”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:”2026-05-28T14:05:07″,”description”:”Carnival Corporation, parent of Carnival Cruise Line, is sending out fresh \u201cNotice of Cybersecurity Event\u201d letters dated May 27, 2026. If you feel like you’ve…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[6,8,12,115,13,33,7,11,5],"class_list":["post-57739","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-cve","tag-cvss","tag-exploit","tag-malwarebytes","tag-news","tag-none","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n