Carnival Cruise confirms data breach affecting nearly 6 million people
By Sergiu Gatlan
May 28, 2026
06:49 AM
Carnival Corporation, the world's largest cruise line operator, has confirmed a data breach affecting nearly 6 million people, an incident the ShinyHunters extortion gang claimed in April 2026.
The cruise line giant has over 160,000 employees and served around 13.5 million guests in 2024 via a fleet of over 90 ships.
Carnival operates nine of the world's leading cruise line brands (Carnival Cruise Line, Costa, P&O Australia, P&O Cruises, Princess Cruises, Holland America Line, AIDA, Cunard, and Seabourn) and a travel tour company (Holland America Princess Alaska Tours), and it reported revenues of over $26 billion last year.
The company started notifying 5,995,277 customers on Wednesday that threat actors stole their data in an April 10 breach after gaining access to some of its IT systems in a social engineering attack.
"On April 14, 2026, the Company's IT security team identified unauthorized activity involving an employee's account. An unauthorized actor used social engineering to deceive an employee to gain access to a limited portion of the Company's IT system," the company said in data breach notification letters sent to affected individuals.
"The Company acted swiftly to block the unauthorized activity and immediately began working with third party security experts to further strengthen our security and to conduct a thorough investigation. On April 22, 2026, the Company first determined that the bad actor illegally copied personal information."
While Carnival has yet to attribute the attack, the ShinyHunters cybercrime group claimed responsibility for the breach in April, saying they stole documents containing over 8.7 million records with personally identifiable information and terabytes of internal corporate data.
Carnival on ShinyHunters leak site (BleepingComputer)
Although a Carnival spokesperson didn't reply when BleepingComputer reached out to confirm ShinyHunters' claims and for more details on what data was stolen in the attack, data breach notification service Have I Been Pwned analyzed the data leaked by the extortion gang and said the breach exposed affected people's names, dates of birth, email addresses, genders, geographic locations, and loyalty program details.
"The data contained fields indicating it related to the Mariner Society loyalty program run by Holland America, a cruise line brand under Carnival, and included names, dates of birth, genders and data relating to status within the loyalty program," Have I Been Pwned noted.
Over the past year, ShinyHunters has been targeting Salesforce customers and has breached hundreds of companies worldwide, claiming to have stolen billions of records in the Salesloft Drift campaign and the Salesforce Aura data theft attacks.
The FBI advised ShinyHunters' victims two weeks ago not to pay the attackers' ransom demands, after previously warning that doing so does not guarantee the threat actors won't attempt to extort the victims again or sell the stolen data to other cybercriminals.
Carnival Corporation disclosed other data breaches in March 2020 and June 2021 that exposed personal and financial information belonging to customers, employees, and crew after threat actors gained access to Carnival employees' email accounts.
Ransomware gangs also stole the personal information of Carnival customers and employees after breaching the company's systems in August 2020 and December 2020.