Hackers target the world’s biggest cruise operator with ransomware
The P&O parent company says it expects that cyber criminals accessed the personal data of guests and employees


Hackers have targeted the world’s largest cruise lining company with ransomware, encrypting data from the firm that organises cruises under nine major brands including P&O and Princess Cruises.
Carnival Corporation & PLC has confirmed that hackers accessed a portion of one of its brand’s IT systems and downloaded some data files, according to a filing with the US Securities and Exchange Commission (SEC).
The cruise operator detected the attack on 15 August and took measures to secure its systems. The firm said it expects the security incident included unauthorised access to the personal data of both guests and employees, which may prompt action from guests, employees, shareholders, and regulators.
“Promptly upon its detection of the security event, the Company launched an investigation and notified law enforcement, and engaged legal counsel and other incident response professionals,” the filing said.
“While the investigation of the incident is ongoing, the Company has implemented a series of containment and remediation measures to address this situation and reinforce the security of its information technology systems.”
Despite targeting the company’s IT systems, Carnival Corporation doesn’t feel the incident will have a material impact on its business, operations or financial results. The news was revealed in an 8-K form, which is submitted when a company experiences an unscheduled event that could be key to shareholders, or the SEC.
This is the second major security incident that Carnival Corporation has disclosed this year, after two units disclosed in March that it was targeted by cyber criminals during May 2019. Holland America Line and Princess Cruises.
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
An investigation conducted by both units revealed unauthorised access to personal information, including names, social security numbers and the credit card information of some guests and employees, according to Reuters.
The units, which account for 30% of Carnival Corporation’s capacity as of 30 November, said they acted to shut down the attack quickly and prevent further access to data.

Keumars Afifi-Sabet is a writer and editor that specialises in public sector, cyber security, and cloud computing. He first joined ITPro as a staff writer in April 2018 and eventually became its Features Editor. Although a regular contributor to other tech sites in the past, these days you will find Keumars on LiveScience, where he runs its Technology section.
-
Using WinRAR? Update now to avoid falling victim to this file path flaw
News WinRAR users have been urged to update after a patch was issued for a serious vulnerability.
-
Amazon CEO Andy Jassy doubles down on the company's AI focus
News Amazon CEO Andy Jassy thinks companies need to "lean into" AI and embrace the technology despite concerns over job losses.
-
Swiss government data published following supply chain attack – here’s what we know about the culprits
News Radix, a non-profit organization in the health promotion sector, supplies a number of federal offices, whose data has apparently been accessed.
-
Ransomware victims are getting better at haggling with hackers
News While nearly half of companies paid a ransom to get their data back last year, victims are taking an increasingly hard line with hackers to strike fair deals.
-
LockBit data dump reveals a treasure trove of intel on the notorious hacker group
News An analysis of May's SQL database dump shows how much LockBit was really making
-
‘I take pleasure in thinking I can rid society of at least some of them’: A cyber vigilante is dumping information on notorious ransomware criminals – and security experts say police will be keeping close tabs
News An anonymous whistleblower has released large amounts of data allegedly linked to the ransomware gangs
-
It's been a bad week for ransomware operators
News A host of ransomware strains have been neutralized, servers seized, and key players indicted
-
Everything we know about the Peter Green Chilled cyber attack
News A ransomware attack on the chilled food distributor highlights the supply chain risks within the retail sector
-
Scattered Spider: Who are the alleged hackers behind the M&S cyber attack?
News The Scattered Spider group has been highly active in recent years
-
Ransomware attacks are rising — but quiet payouts could mean there's more than actually reported
News Ransomware attacks continue to climb, but they may be even higher than official figures show as companies choose to quietly pay to make such incidents go away.