Carnival Corporation – the world’s largest cruise operator – has confirmed a digital heist, a month after hacking crew ShinyHunters claimed to have stolen millions of customers’ records.
The breach, Carnival confirmed, stemmed from an April 14 social engineering attack on an employee, though the company declined to comment on the scale or name ShinyHunters.
Read more…
Source: The Register
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Qantas hit by cyber attack, leaving 6 million customer records at risk of data breach
July 2, 2025
Qantas is warning a “significant” amount of customer data has likely been stolen from its records during a cyber attack. The airline has released a statement saying that, on Monday, it detected unusual activity on a third-party platform used by a Qantas airline contact centre. The airline said 6 million customers had service records in this ...
- Data possibly stolen and council services offline after Glasgow cyber attack
June 25, 2025
Glasgow City Council has warned that personal data may have been stolen in a cyber attack affecting its services. The local authority was alerted to malicious activity on servers managed by a third-party supplier on June 19. Due to affected servers being taken offline, a number of services are currently unavailable, including planning applications, paying parking ...
- AT&T agrees to $177 million settlement over data breach
June 25, 2025
Current and former AT&T customers may be eligible for a payout from a $177 million settlement connected to two data breaches. A U.S. judge granted preliminary approval on June 20 to the settlement that resolves lawsuits against AT&T over the 2019 and 2024 incidents. The company announced in July 2024 that call and text message records ...
- U.S. Department of Defense Employee Charged with Unlawful Retention of Classified Documents
June 24, 2025
A civilian employee of the U.S. Department of Defense (DoD) was arrested and made her initial court appearance yesterday to face charges of unauthorized removal and retention of classified documents. Ewa Maria Ciszak, 64, of Huntsville, Alabama, is charged with knowingly removing and retaining classified documents and materials. According to court documents unsealed today in the ...
- M&S cyber attack deepens as tech partner TCS denies blame
June 20, 2025
Tata Consultancy Services (TCS), the tech firm at the centre of speculation around the M&S cyber attack, has claimed that none of its systems or users were compromised in the incident. The statement, delivered at the company’s annual shareholder meeting, is the first public comment from the group since M&S was hit by a major cyber ...
- UBS bank reports data leak after attack on its external supplier
June 18, 2025
Zurich-based banking giant UBS Group has confirmed that company information was stolen during a cyberattack on one of its external suppliers, though it assured that no client data was compromised. The bank said the breach was part of a larger cyber incident affecting multiple companies, including former UBS affiliate Chain IQ and Swiss private bank Pictet. ...