Carnival Corp., already hit with a complete halt of business since April due to the coronavirus pandemic, is the latest major company to reveal the discovery of a ransomware attack.
The company reported to the U.S. Securities and Exchange Commission in an 8-K filing Monday that it had detected a ransomware attack on Aug. 15 that “included unauthorized access to personal data of guests and employees.”
The company said the attack “accessed and encrypted a portion of one brand’s information technology systems” and also “included the download of certain of our data files.”
“Promptly upon its detection of the security event, the Company launched an investigation and notified law enforcement, and engaged legal counsel and other incident response professionals,” Carnival said in a statement.
While the company says it “does not believe the incident will have a material impact on its business, operations or financial results,” there may be “potential claims from guests, employees, shareholders, or regulatory agencies.”
The company did not say whether it paid a ransom to reassert control over its data or how many files were affected.
In ransomware attacks, hackers gain access to sensitive files, then encrypt them so the owner of the files cannot access them. They then demand payment to unlock the files, sometimes posting some of the files on Websites or sharing them with the media, in order to pressure companies to pay.
Carnival joins Konica Minolta, Jack Daniels-making wine and spirits giant Brown-Forman, Canon, and Garmin as companies in the past two weeks to be either hit with a ransomware attack or reveal a previous such breach, according to a story on the tech news site TechRepublic. Hackers have also targeted federal, state, and local government Websites with ransomware attacks.
Carnival says it has “implemented a series of containment and remediation measures to address this situation and reinforce the security of its information technology systems” and has hired “industry-leading cybersecurity firms to immediately respond to the threat, defend the Company’s information technology systems, and conduct remediation.”