Cruise operator Carnival Corp. has reported a data breach that included the personal information of more than 800,000 Texans, according to the Texas Attorney General’s Office.
Headquartered in Miami, Carnival is the world’s largest cruise company. The company has more than 90 ships across its Carnival, Princess Cruises and Holland America fleets. Four Carnival ships call the Port of Galveston home.
The company said in a statement Wednesday that “an unauthorized actor used social engineering to deceive an employee to gain access to a limited portion of the company’s IT system.” The breach occurred April 14.
As a result, the names, addresses, contact information, dates of birth and government-issued identification numbers of millions of cruisers may have been leaked. An estimate from the Maine Attorney General’s Office said the hack affected 5,995,277 people.
Carnival is still doing an internal analysis of the breach, the company said in a statement.
Those affected by the leak will be notified by email as possible, the company said. Those who believe their information may have been compromised can reach out to the Texas Attorney General’s Office or the cruise line.
In its statement, Carnival said that it would offer affected U.S. customers two years of free credit monitoring through TransUnion. All of those affected should enroll in free credit monitoring, review account activity and credit reports, and report suspected identity theft to local authorities, the company said.
The news follows the cruise line’s announcement last month that its newest ship, the Tropicale, will homeport in Galveston in 2028 and feature the “star of Texas” on its bow.
