A large-scale cybersecurity incident has impacted Carnival Corporation after hackers allegedly gained access to millions of customer records through a phishing attack targeting an employee account.
The global cruise operator confirmed that its IT security team detected unauthorized activity on April 14, 2026, involving a single employee account compromised through social engineering tactics.
“On April 14, 2026, the company’s IT security team identified unauthorized activity involving an employee’s account. An unauthorized actor used social engineering to deceive an employee and gain access to a limited portion of the company’s IT system,” the company said.
The breach surfaced weeks after the ShinyHunters hacking group claimed responsibility for stealing customer data and listing the company on its “pay or leak” portal on April 18.
According to cybersecurity platform Have I Been Pwned, the leaked database allegedly contained 8.7 million records, including 7.5 million unique email addresses linked to the Mariner Society loyalty program operated by Holland America Line, a subsidiary of Carnival Corporation.
The exposed information reportedly included names, dates of birth, genders, email addresses and loyalty program status details.
However, Carnival stated in an official data breach filing with authorities in Maine that 5,995,277 individuals were affected by the incident.
The company began notifying impacted customers on May 27, 2026, and announced that eligible U.S. residents would receive 2 years of complimentary credit monitoring services through TransUnion.
“In addition to the security measures already in place before the incident, the company has taken steps to further safeguard its systems, including enhancing its security and monitoring controls. The company will continue advancing its IT security and data privacy controls to address evolving threats,” the company concluded.
The latest incident has once again raised concerns over phishing attacks, customer data protection and the growing threat posed by cybercriminal groups targeting large global enterprises.
Also read: Viksit Workforce for a Viksit Bharat
Do Follow: The Mainstream LinkedIn | The Mainstream Facebook | The Mainstream Youtube | The Mainstream Twitter
About us:
The Mainstream is a premier platform delivering the latest updates and informed perspectives across the technology business and cyber landscape. Built on research-driven, thought leadership and original intellectual property, The Mainstream also curates summits & conferences that convene decision makers to explore how technology reshapes industries and leadership. With a growing presence in India and globally across the Middle East, Africa, ASEAN, the USA, the UK and Australia, The Mainstream carries a vision to bring the latest happenings and insights to 8.2 billion people and to place technology at the centre of conversation for leaders navigating the future.