If you’ve ever been on a cruise, there’s a good chance your personal information was exposed in a major data breach. Carnival Corporation – the world’s largest cruise line operator – is warning customers about a recent hack that affected 6 million people. The incident is claimed by the ShinyHunters hacking group, which has targeted hundreds of companies in recent years, including canvas And Transunion.
Carnival Corporation operates a fleet of more than 90 ships across nine cruise lines: Carnival Cruise Line, Costa, P&O Australia, P&O Cruises, Princess Cruises, Holland American Line, AIDA, Cunard and Seabourn. About 13.5 million people traveled with Carnival in 2025.
What Happened With the Carnival Cruise Data Breach?
According to Data breach notification In a filing with the Maine Attorney General, Carnival Corporation discovered “unauthorized activity” on its network on April 14. Threat actors used social engineering to gain access through employee accounts and copy personal information. Stolen data included Names, dates, births, email addresses, gender, geographic locations and loyalty program information. The breach occurred on April 10, and the company confirmed that personal information had been exposed on April 22.
as Bleeping computer reportsCarnival has disclosed numerous other cyber incidents in recent years in which personal information of customers, employees and crew members was compromised.
What do you think so far?
What to do if your data is stolen
Carnival began notifying those affected by the breach on May 27, so you should be on the lookout for a letter about the incident. The company is offering a free 24-month membership for credit monitoring through TransUnion’s My TrueIdentity service. Registration instructions including the activation code are included in the notice. Eligible customers will need to complete the sign-up process by August 31.
Whether or not you receive a notification of a data breach, be aware that information compromised in a hack can be used in targeted phishing attacks. Be wary of any communication that is or appears to be about Carnival or any of its cruise line brands, especially if you are asked to confirm or hand over any personal details. You should too Recommended steps to protect against identity theftIncluding freezing your credit and monitoring your accounts for suspicious activity.
