Skip to main content



Wednesday, August 19, 2020 

Cruise ship operator Carnival Corporation has filed a report with the US Securities and Exchange Commission disclosing that it has detected a ransomware attack that accessed and encrypted a portion of one of the group brandís IT systems.

The unauthorised access included the download of certain data files. Carnival says it has launched its own investigation and notified law enforcement agencies. It has engaged legal counsel and other incident response professionals. During the investigation of the incident, Carnival has implemented containment and remediation measures to address the situation and reinforce the security of its IT systems. The Company is working with cybersecurity firms to respond to the threat, defend the Company’s information technology systems, and conduct remediation.

A statement issued by Carnival says that based on its preliminary assessment and on the information currently known (in particular, that the incident occurred in a portion of a brand’s IT systems), it does not believe the incident will have a material impact on its business, operations or financial results. However, as the security event included unauthorised access to personal data of guests and employees, this may result in potential claims from guests, employees, shareholders, or regulatory agencies. Carnival understands that no other company’s brands have been impacted by this incident, but is unable to offer assurance that other brand IT systems will be unaffected.

Reader Comments (0)

There are currently no comments on this article. Why not be the first and leave your thoughts below.

Leave Your Comment

Please keep your comment on topic, any inappropriate comments may be removed.

Return to index