![]() ![]() Alabama, Arizona, Arkansas, Ohio, and North Carolina provided additional assistance and were joined by Alaska, Colorado, Delaware, the District of Columbia, Georgia, Hawaii, Idaho, Indiana, Iowa, Kansas, Kentucky, Louisiana, Maine, Maryland, Massachusetts, Michigan, Minnesota, Montana, Nebraska, Nevada, New Hampshire, New Jersey, New Mexico, New York, North Dakota, Oklahoma, Oregon, Pennsylvania, Rhode Island, South Carolina, South Dakota, Tennessee, Utah, Vermont, Virginia, West Virginia, Wisconsin, and Wyoming.Ĭarnival did not respond to a request for comment. The investigation was co-led by Connecticut, Florida, and Washington. “The CISO shall report security incidents to the audit committee in accordance with Carnival’s incident response plan.” “The CISO’s responsibilities shall also include reporting any security incident impacting 500 or more consumers in the United States to the chief executive officer, chief information officer, and chief operations officer within 48 hours of discovery,” the settlement stated. The CISO must have proper credentials, background, and expertise in information security and will oversee the implementation and maintenance of the company’s information security program. On top of these requirements, Carnival must employ a chief information security officer (CISO) going forward, according to the settlement. Undergoing an independent information security assessment.The company detected that hackers gained limited access. Maintenance of enhanced behavior analytics tools to log and monitor potential security events on the company’s network and MIAMI (CBSMiami) Carnival Cruise Lines has disclosed a data breach that took place back in March.Password policies and procedures requiring the use of strong passwords, password rotation, and secure password storage.The company detected that hackers gained limited. Multifactor authentication for remote email access J/ 6:10 PM / CBS Miami MIAMI (CBSMiami) Carnival Cruise Lines has disclosed a data breach that took place back in March.Email security training requirements for employees, including dedicated phishing exercises.Implementation and maintenance of a breach response and notification plan.On Wednesday, Carnival agreed to pay the fine for its alleged misconduct and comply with changes to strengthen its email security and breach response practices going forward, including: A multistate probe was launched, focusing on Carnival’s email security practices and compliance with data breach statutes. He said Carnival is making changes to improve security of its information systems.įrizzell said the company has notified the affected people and set up a call center to answer their questions.In March 2020, Carnival, through subsidiaries Holland America Line and Princess Cruises, reported the breach, in which names, addresses, passport numbers, driver’s license numbers, payment card information, health information, and a small number of Social Security numbers were exposed.Ĭarnival said it first became aware of suspicious email activity in May 2019, 10 months before publicly announcing the incident. The breach comes after Carnival was hit twice last year by ransomware attacks.Ĭarnival spokesman Roger Frizzell said the company detected the latest intrusion to some of its information-technology systems on March 19 and shut down access and hired a cybersecurity company to investigate. ![]() ![]() The company declined to say how many people’s information was exposed. In a letter to customers, the company indicated that outsiders might have gained access to Social Security numbers, passport numbers, dates of birth, addresses and health information of people. published 18 June 2021 Also involves Princess, Cunard, Holland America cruise lines Comments (0) (Image credit: NAN728/Shutterstock) Carnival, the world's largest cruise-line operator, has had. said Thursday that a data breach in March might have exposed personal information about customers and employees on Carnival Cruise Line, Holland America Line and Princess Cruises. Please look at the time stamp on the story to see when it was last updated.Ĭarnival Corp. This is an archived article and the information in the article may be outdated. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |