ShinyHunters Breach Exposes 7.5M Emails from Carnival's Loyalty Program

Severity: Medium (Score: 54.8)

Sources: Theregister, haveibeenpwned.com

Summary

In April 2026, the hacking group ShinyHunters claimed to have breached Carnival Corporation, exposing 8.7 million records, including 7.5 million unique email addresses tied to the Mariner Society loyalty program of Holland America Line. The leaked data contains personal information such as names, dates of birth, genders, and membership status. Carnival acknowledged a phishing attack that compromised a single user account but downplayed the incident's scope. ShinyHunters, known for extortion tactics, published the data after negotiations with Carnival reportedly failed. The breach raises concerns about potential phishing and fraud targeting affected individuals. The company is currently investigating the incident and has not confirmed the full extent of the data accessed. Security experts advise affected customers to be vigilant about their email security. Key Points: • ShinyHunters claims to have leaked 8.7 million records from Carnival's loyalty program. • Carnival reported a phishing attack involving a single user account but downplayed the breach's scope. • The exposed data includes sensitive personal information, raising risks of phishing and fraud.

Key Entities

• Data Breach (attack_type)
• Phishing (attack_type)
• Carnival (company)
• Carnival Corporation (company)
• Holland America (company)
• Holland America Line (company)
• CWE-200 - Exposure of Sensitive Information (cwe)
• T1078 - Valid Accounts (mitre_attack)
• T1566 - Phishing (mitre_attack)
• T1567 - Exfiltration Over Web Service (mitre_attack)