The largest cruise line operator in the world has been exposed to ransomware attacks, with customer data also believed to have been accessed.
The Carnival Corporation, which operates more than 100 vessels in 10 different brands, including Carnival Cruise Line, Princess Cruise and Costa Cruise, this week after the attack was detected on August 15 by the US Securities and Exchange Commission (SEC) ) Informed.
In its report to the SEC, the Florida-based Carnival stated that investigations so far show that criminals had accessed and encrypted some of their computer data, and had also downloaded several data files. It added that it was likely that the security incident was also seen to be “unauthorized access to the personal data of guests and employees”.
The company said it believed the attack targeted only one of its brands, but said that at this stage it could not give any assurance that the computer systems of its other brands were not affected.
has reached out to the company to ask which brands have suffered the attack, how many customers have been affected, what personal data can be taken, and details of the demand for ransomware. We will update this piece when we hear back.
Carnival told the SEC that when it carried out the attack, it immediately notified law enforcement, and called on the services of cyber security firms to enhance the security of their computer systems and help in its investigation.
Ransomware attack uses malicious software to lock computer systems by encrypting files. Once locked, hackers demand payment from the system owner in exchange for a decryption key to gain access to the data.
Such incidents can cause huge disruption for victims – whether individuals or companies – with some feeling they have little choice to pay hackers. For example, retail currency dealer Travellex allegedly paid $ 2.3 million to gain access to its system after a ransomware attack earlier this year, while GPS and fitness-tracker firm Garmin, which last month conducted a damaging Had suffered an attack, it may have paid enough. Amount to get your system up and running again.
To avoid being a victim of a ransomware attack, you should ensure that your computer’s security software is completely up to date. You are also advised to avoid clicking unverified links in emails that may deliver malware to your system or your company’s servers. Downloading files from sites you know little about is best avoided, and steering of unfamiliar USB sticks is also recommended to be clear.
If a company succumbs to a ransomware attack, people with a strong back-up process are usually in the best place to deal with it because they can reset their systems using securely stored data.