Carnival Corporation, the world's largest cruise line, has suffered a data breach that has stolen the personal information of customers, crew members and other employees
According to a breach notification obtained by Bleeping Computer, "names, addresses, phone numbers, passport numbers, dates of birth, health information, and in limited instances, additional personal information such as social security numbers and national identification numbers" were stolen"There is evidence that the data is unlikely to be misused," the notice letter states The letter cites no such evidence
This is at least the fourth time Carnival has had its internal systems hacked; according to Bleeping Computer, last year Carnival suffered two ransomware attacks and another that resulted in a data breach
US-based Carnival Corporation and its British twin, Carnival PLC, are Carnival Cruise Line, Holland America Line, Princess Cruises, Cunard Line, P&O Cruises, Seabourn Cruise Line, Costa Cruises, and Aida Cruises, which it co-owns and operates worldwide
A Carnival spokesperson told ABC News that the company detected a breach of its information systems on March 19 and subsequently launched an investigation
Carnival has not disclosed the number of people whose personal information may have been stolen in this data breach, but if you receive a letter notifying you of it, you should take it very seriously
Your full name, current address, date of birth, and social security number, all of which were revealed in this breach, are all information criminals need to open accounts in your name
Carnival is offering all affected individuals 18 months of free identity theft protection and credit monitoring provided by Cyberscout Carnival customers and employees can call (800) 905-0687 weekdays or email cruisedataevent@cyberscoutcom for more information Instructions and registration codes are included in the Notice of Information Breach
Tom's Guide recommends that affected individuals subscribe to the company's identity theft protection subscription, but please read the fine print before doing so Accepting this suggestion may limit their ability to take legal action against the company if their identity is indeed stolen as a result of this breach
Also note that Carnival's cyberscout offer monitors only one of the Big Three credit reporting agencies and lasts only 18 months Many other large companies that have had customer identities stolen, such as Volkswagen last week, offer two years of credit monitoring and identity theft protection Some of these offers monitor all three major credit bureaus, not just one
For a more detailed description of the types of credit monitoring and identity protection available to consumers, see our page on the best identity theft protection services
Comments