https://www.scmagazine.com/home/email-security/carnival-discloses-new-data-breach-on-email-accounts/
Exploit: Hacking
Carnival Cruise Lines: Cruise Ship Operator
Risk to Business: 1.651= Severe Perennially cybersecurity challenged cruise line Carnival issued a breach disclosure on Thursday confirming hackers attacked email accounts and gained access to data about its customers and employees. The company said that the data snatched was collected during the travel booking process, through the course of employment or from providing services to the company, including COVID or other safety testing.
Risk to Business: 1.802= Severe The poassenger data accessed included names, addresses, phone numbers, passport numbers, dates of birth, health information, and, in some limited instances, additional personal information like social security or national identification numbers. No clear information was provided about the employee information that was exposed.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: This is the third major cybersecurity blunder for Carnival in just one year, and that is likely to create a great deal of mistrust with consumers just as the travel industry is getting back on it’s feet.
Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
