Morningstar
Carnival Corporation Data Breach Affects Nearly 6 Million Customers
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Carnival Corporation reported a significant data breach affecting approximately 6 million customers due to a social engineering attack on an employee's account. The breach was detected on April 14, 2026, when unauthorized activity was identified. The attackers, linked to the ShinyHunters group, reportedly accessed sensitive personal information including names, addresses, email addresses, phone numbers, dates of birth, and government-issued identification numbers. Carnival began notifying affected individuals on May 27, 2026, offering two years of complimentary credit monitoring through TransUnion. The company is enhancing its security measures and has engaged third-party experts for further investigation. The breach is part of a larger trend of cyberattacks targeting various organizations, with ShinyHunters known for previous high-profile incidents. Legal actions are being pursued against Carnival for alleged failures in timely notification.
Key Points: • Nearly 6 million customers affected by a data breach at Carnival Corporation. • The breach was caused by a social engineering attack on an employee's account. • Carnival is offering two years of free credit monitoring to affected individuals.