Carnival Corporation Discloses April Data Breach Affecting 5.99 Million Customers, Offers Two-Year Credit Monitoring
Carnival Corporation disclosed a data breach that occurred in April and affected 5,995,277 individuals. The company is providing two years of free credit monitoring through TransUnion and began notifying customers on May 27.
lifehacker.comU.S. customers after a data breach compromised the personal information of 5,995,277 people. The breach occurred in April after a hacker used social engineering to deceive an employee and gain access to a limited portion of the company’s IT system.
In a regulatory filing with the Maine Attorney General’s office, Carnival disclosed that the incident exposed names, addresses, email addresses, phone numbers, birth dates and government-issued identification numbers such as driver’s license and passport numbers. The affected information varied by person. 5 million passengers in 2025.
The company stated it had comprehensive security measures in place before the hack and has taken steps to further safeguard its systems, including enhancing its security and monitoring controls. The company began sending out individual email notifications on May 27 and launched a public webpage to reach people with missing or outdated contact information.
Carnival is conducting a thorough and time-consuming analysis to determine exactly what was taken and to whom it belonged.
Carnival stated that complex incidents like this take time and careful investigation to understand what information was affected and who it belongs to, and then to ensure notifications are handled accurately. The company said its focus shifted immediately to investigating the breach and communicating with affected parties as soon as the activity was stopped.
Security Week reported that the extortion collective known as ShinyHunters has claimed responsibility for the breach.
Carnival has not publicly verified the claim or disclosed whether a ransom demand was made. To mitigate potential fallout, Carnival is partnering with TransUnion to provide two years of free credit monitoring for eligible domestic travelers. The company urged people to remain vigilant against threats of identity theft or fraud by regularly reviewing account statements and credit histories and to contact local police if they suspect fraud.
The timeline has drawn criticism from some customers on online forums like Reddit, where users expressed frustration over the delay and questioned the security of their data. The Independent has reached out to Carnival for comment.
Transparency
Reported by a single outlet. This score reflects source tier and factual specificity — corroboration is limited with one source.
Story details
Related Stories
japantoday.comAnthropic Confidentially Files for IPO After Raising $65 Billion
The artificial intelligence company behind the Claude chatbot submitted its filing on Monday, weeks after completing a funding round that more than doubled its valuation from February. Anthropic did not disclose the size or terms of the offering. The move comes as the global IPO…
New York PostFlorida Attorney General Sues OpenAI and Sam Altman, Alleging ChatGPT Caused Harm to Users
Florida Attorney General James Uthmeier filed an 83-page civil complaint Monday in the state's 10th Judicial Circuit against OpenAI and its chief executive Sam Altman.
finance.yahoo.comAlphabet to Raise $80 Billion Through Stock Offerings, Including $10 Billion Sale to Berkshire Hathaway
Alphabet announced plans to raise $80 billion through stock sales to fund AI infrastructure investments. The company reached an agreement to sell $10 billion of stock to Berkshire Hathaway.