Carnival Corporation – the world’s largest cruise operator – has confirmed a digital heist, a month after hacking crew ShinyHunters claimed to have stolen millions of customers’ records.
The breach, Carnival confirmed, stemmed from an April 14 social engineering attack on an employee, though the company declined to comment on the scale or name ShinyHunters.
Read more…
Source: The Register
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- A website mapped Tesla owners and their personal information amid a wave of attacks
March 20, 2025
Tesla owners confirmed on Wednesday that an online map decorated with an image of a Molotov cocktail includes accurate personal information about them, such as residential addresses, raising fears that activists opposed to billionaire Tesla CEO Elon Musk could target them for vandalism. The online map went live Monday, displaying the names, addresses and contact information ...
- Pennsylvania: Half a million teachers hit in major data breach
March 19, 2025
Even if you practice perfect cyber hygiene, you can still wake up to find yourself amid a major security crisis resulting from a data breach, and that’s exactly what happened to half a million teachers. As reported by The Record, over 500,000 teachers and other employees who work in education across Pennsylvania’s public schools had their ...
- Sperm bank breach deposits data into hands of cybercriminals
March 19, 2025
Sperm donor giant California Cryobank has announced it has suffered a data breach that exposed customers’ personal information. California Cryobank (CCB) is a sperm donation and cryopreservation firm and one of the US’ top sperm banks. As such, it services all US states and over 30 countries worldwide. The data breach notification states that the breach ...
- Critical Security Incident involving GitHub Action tj-action/changed-files
March 17, 2025
A critical security incident involving the tj-actions/changed-files GitHub Action has been reported. The changed-files action, which allows GitHub repositories to track file changes, has been tampered with to allow the exposure through GitHub Actions build logs of CI/CD secrets, including passwords, tokens, API keys, PII and other sensitive data that have been embedded within software code. ...
- Amazon is still hosting spyware victims’ data weeks after breach alert
March 13, 2025
Amazon will not say if it plans to take action against three phone surveillance apps that are storing troves of individuals’ private phone data on Amazon’s cloud servers, despite TechCrunch notifying the tech giant weeks earlier that it was hosting the stolen phone data. Amazon told TechCrunch it was “following process” after our February notice, ...
- Bank Of America Alerts Customers To Data Breach, Offers Identity Theft Protection For Affected Accounts
March 11, 2025
The Bank of America has alerted a small group of its customers about a data breach that may have exposed confidential information. The breach, which took place on December 30, was a result of improper handling of confidential documents by a third-party document destruction service provider. The breach could have potentially exposed sensitive data, including personal ...