Cyber Incident Victim: Carnival Corporation

Carnival Corporation, the world's largest cruise line operator with brands including Carnival Cruise Line, Princess Cruises, and Holland America Line, experienced a ransomware attack impacting one of its brands on August 15, 2020. The company disclosed the incident through an SEC 8-K filing, confirming unauthorized access to its information technology systems that resulted in the encryption of portions of its network. Carnival detected the breach promptly and activated its incident response protocols to contain the intrusion. The attack occurred during a period when global cruise operations were suspended due to the COVID-19 pandemic, though the filing did not specify operational disruptions caused by the ransomware.

The intrusion compromised personal data belonging to guests and employees across multiple Carnival brands, exposing sensitive information to potential misuse. Carnival engaged cybersecurity forensic experts and notified law enforcement agencies, including the FBI, to investigate the attack's origin and scope. The company initiated system restoration efforts while implementing additional security measures across its IT infrastructure. Carnival's SEC disclosure emphasized ongoing remediation efforts and acknowledged potential financial impacts from regulatory investigations, litigation risks, and reputational damage. No ransomware group claimed public responsibility for the attack, and Carnival did not disclose whether ransom demands were made or paid. The incident highlighted cybersecurity vulnerabilities within the maritime tourism sector during an extended operational hiatus.