- Carnival Corporation is offering two years of complimentary credit monitoring to nearly six million U.S. customers following a data breach that occurred in April.
- The breach compromised the personal information of 5,995,277 people after a hacker used social engineering to deceive an employee and gain access to a limited portion of the company’s IT system.
- Compromised data includes names, addresses, email addresses, phone numbers, birth dates, and government-issued identification numbers such as driver’s license and passport numbers, though the specific information varied by individual.
- Carnival began sending individual email notifications on May 27, a timeline that has drawn criticism from some customers on online forums due to the perceived delay in communication.
- While Carnival has not publicly verified it, Security Week reported that the extortion collective ShinyHunters has claimed responsibility for the cyberattack.
IN FULL
