Carnival Corporation Data Breach Exposes Sensitive Customer Information in Major Cyberattack
MIAMI, FLORIDA — Carnival Corporation, the world’s largest cruise line operator, has confirmed a significant data breach compromising personal and financial data of millions of customers, prompting a federal investigation. According to a formal statement released Tuesday, the cyberattack targeted the company’s internal network between March and April 2025, exposing names, addresses, passport numbers, and credit card details of passengers across multiple brands, including Carnival Cruise Line, Princess Cruises, and Holland America Line. The breach was detected after unusual activity was flagged in the company’s financial systems, leading to an immediate containment effort and notification of law enforcement. Carnival Corporation stated it is cooperating with the Federal Bureau of Investigation and the Department of Homeland Security, while offering complimentary credit monitoring services to affected individuals. The incident raises concerns over heightened cybersecurity risks in the travel industry, as hackers allegedly exploited vulnerabilities in third-party vendor software. Customers are advised to monitor their accounts for unauthorized transactions and report any suspicious activity to authorities. Further details on the total number of impacted individuals remain under review, with a full audit expected within the next 30 days.