Cruise operator Carnival Corp said on Thursday it had detected unauthorized access to its computer systems in March.
Carnival was also hit by a ransomware attack last year, which affected the information technology systems of one of its brands.
Carnival Corp alerted regulators and hired a cybersecurity firm to investigate the breach. Carnival Corp did not reveal the name of the cybersecurity company. There is no publicly available information on the company’s IT budget.
The company noticed the suspicious activity on March 19 and acted quickly to shut down the event and prevent further unauthorized access.
The breach affected personal information of some guests, employees and crew for Carnival Cruise Line, Holland America Line, Princess Cruises and medical operations.
Carnival Corp said there is evidence indicating a low likelihood of the data being misused.
Miami-based Carnival said it alerted individuals whose data had been compromised and set up a call center to respond to their queries.
The disclosure from the company comes at a time United States has witnessed a spate of increasingly bold cyberattacks on critical infrastructure.
A ransomware attack on Colonial Pipeline last month temporarily stalled one of the country’s major arteries for fuel delivery. Meatpacker JBS USA’s operations were disrupted earlier this month due to a cyberattack.
