Carnival Corporation Investigates Alleged Data Breach by ShinyHunters Extortion Group Carnival Corporation, the global cruise operator behind brands like Carnival Cruise Line, Princess Cruises, and Holland America Line, is probing a potential data breach after the ShinyHunters extortion group claimed to have stolen over 8.7 million records containing personally identifiable information (PII) and internal corporate data. On April 18, ShinyHunters listed Carnival on its "pay or leak" portal, threatening to release the data publicly if demands were not met by April 21, 2026. The group, known for high-profile breaches, typically gains access through phishing, credential theft, or cloud service exploitation. Carnival confirmed detecting suspicious activity linked to a phishing incident affecting a single user account. In a statement, the company acknowledged the breach, stating it had blocked unauthorized access and was working with security experts to assess the scope. While the investigation is ongoing, Carnival has not confirmed whether customer data was compromised. ShinyHunters’ claims remain unverified, but even limited account access could lead to significant exposure if linked to internal systems or cloud-based tools. Carnival, which serves millions of passengers annually, remains a prime target for cybercriminals seeking financial leverage through extortion. The incident underscores the rising threat of phishing-driven breaches in enterprise environments.

Carnival Corp. Reports Cybersecurity Incident Involving Employee Account Compromise Carnival Corporation, the global cruise operator, disclosed a cybersecurity incident on May 27 after detecting unauthorized access to an employee’s account in April. The breach, executed through social engineering tactics, led to the exposure of personal data, including names, addresses, and government-issued identification numbers. The company acted swiftly to contain the incident, blocking further unauthorized activity and enlisting third-party security experts to investigate. Affected individuals are being notified via email, with U.S. customers offered two years of free credit monitoring through TransUnion, beginning May 27. In response, Carnival has bolstered its security protocols and monitoring controls, committing to further enhancements in IT and data protection measures. This incident follows a 2021 breach that compromised guest, employee, and crew data across multiple Carnival brands, including Carnival Cruise Line, Holland America Line, and Princess Cruises.

Princess Cruises had a data breach which compromised employee and guest personal information. In late May 2019, a series of deceptive emails were sent to employees that resulted in unauthorized third-party access to some employee email accounts. Princess cruises was shut down to prevent further unauthorized access. The unauthorized third-party access compromsed certain email accounts containing employee and guest personal information, including names, Social Security numbers, government identification numbers, such as passport numbers, national identity card numbers, credit card, and financial account information, and health-related information.