Anyone else have their personal data emailed to other guests?

Hey friends - got a letter from MSC saying they accidentally sent our cruise ticket to another guest 8 weeks ago, which had name & addresses & birth dates & passport numbers (y'know, everything you need to have identity stolen!).

Has anyone else received such a letter lately? Wondering if it is isolated case or more widespread breach. They blamed "a contractor" and sent us a document on how to "further protect your personal data". :rolleyes:

According to another thread, you're not the only one:

https://boards.cruisecritic.com/showthread.php?p=57194879#post57194879

My cruise companion and I also got this letter. We are not at all happy with MSC right now!

Thanks for that share, Beamafar! Yep - seems MSC is playing this down trying to pretend it was a unique error (all letters say they singled out "one other guest" who was sent all the personal info and they erased it). Really gets old when these companies are not only so totally careless with our personal information but then pretend like it was isolated and nothing to worry about. Just add MSC to the list of dishonest companies...

Hey friends - got a letter from MSC saying they accidentally sent our cruise ticket to another guest 8 weeks ago, which had name & addresses & birth dates & passport numbers (y'know, everything you need to have identity stolen!).

 

 

Has anyone else received such a letter lately? Wondering if it is isolated case or more widespread breach. They blamed "a contractor" and sent us a document on how to "further protect your personal data". :rolleyes:

I didn't see your thread as I just posted a thread, we received the same letter today and as I stated, it has us un-nerved.

Did you also happen to be on the 9/1/18 cruise on the Seaside? I wonder how many others have received these letters. All I know is this stinks and MSC better do something about this occurring again or some lawsuits could be on the horizon.

We were on the Seaside 9/1/18 sailing. I wonder how many others this happened to?

No.

Pam and I got the same letters from MSC this week. We thought we were alone...

Hey friends - got a letter from MSC saying they accidentally sent our cruise ticket to another guest 8 weeks ago, which had name & addresses & birth dates & passport numbers (y'know, everything you need to have identity stolen!).

 

 

Has anyone else received such a letter lately? Wondering if it is isolated case or more widespread breach. They blamed "a contractor" and sent us a document on how to "further protect your personal data". :rolleyes:

There is not such a thing today as personal data. Millions know your name ,address and birthday if you do any transaction on internet. . I would not worry at all.

Myself and friend sailed on the 9/1/18 seaside, we both got the big white envelope letter today. What should we do? Cancel c.c. used onboard or just sit and wait?

Sent from my SM-S320VL using Forums mobile app

I don’t think that the credit card info was part of the breach. If it was the cruise ticket as they mentioned in their letter the compromised information would include:

passenger name,

nationality,

date of birth,

gender,

place of birth,

passport number,

passport date of issue,

passport date of expiration, passport country of issue,

passenger address,

passenger home and mobile telephone number,

passenger email,

passenger emergency contact,

MSC booking number,

MSC guest number,

cabin number, itinerary,

prepaid services,

excursions.

If the dates in the letter were correct it would seem that MSC found out about the breach on Sept 3rd while those of us who were affected were onboard the ship.

The breach apparently occurred on August 17th.

MSC had a very similar issue with a breach of information a few years ago. Those effected may want to do a search here for the threads where passport numbers were reportedly compromised. It was a slew of people and went on for several months. One of my preferred travel agencies stopped selling MSC products and called the data breach the 'straw that broke the camels back' in dealing with MSC.

In fairness to MSC, they aren't the only ones who have compromised passport numbers.. A stolen passport number might not be as dangerous a a stolen social security number, but it's up there in terms of data I want secure. Here is a link to the BBC story of the Air Canada data breach which also happened in August. The article includes suggestions for what customers who have been effected should do. The suggestions might apply to those who have been effected here:.

https://www.bbc.com/news/technology-45349056

Unfortunately there is a large black market for passport numbers and I suspect this won't be the last time scammers try to obtain passport information. It's probably time we all put in place a monitoring system on our online accounts. Thieves have been known to hold information for years before using it.

To those effected, sorry this has happened again :(.

But msc letter states...a contractor working in our contact center mistakenly transmitted a copy of your cruise ticket on August 17,2018 to one other guest who was on your voyage.

Now if that's the case, why are there so many others getting the same letter, sounds like they are lying to us.

Sent from my SM-S320VL using Forums mobile app

But msc letter states...a contractor working in our contact center mistakenly transmitted a copy of your cruise ticket on August 17,2018 to one other guest who was on your voyage.

Now if that's the case, why are there so many others getting the same letter, sounds like they are lying to us.

 

Sent from my SM-S320VL using Forums mobile

 

app

Exactly, doesn't sound like a simple mistake to me. This contractor most likely was involved in Identity Theft.

At this point, we aren't sure what to do or who to contact besides a Credit Bureau. The letter did state that there was a police investigation and the findings said that it was a mistake but I wouldn't bet my house on it.

Or one passengers information was mistakenly transmitted and they don’t know who that passenger was so they sent the letter to everyone.

On another note how did they access the recipient’s email account to “permanently delete and erase your electronic ticket from the other guest’s email account and trash folder”?

We have not travelled MSC yet however a similar thing happened to us travelling with Celebrity. They sent someone elses details to us and visa versa. We learned of the breach through our roll call where several had same complaint. I had not noticed when the email came through with someone elses name, address but same cruise date. We pointed out that it was a breach of data protection and now someone knew we would be away from our home at certain times and we knew when they would be away. We were all given an apology and a generous on board credit allowance.

We have not travelled MSC yet however a similar thing happened to us travelling with Celebrity. They sent someone elses details to us and visa versa. We learned of the breach through our roll call where several had same complaint. I had not noticed when the email came through with someone elses name, address but same cruise date. We pointed out that it was a breach of data protection and now someone knew we would be away from our home at certain times and we knew when they would be away. We were all given an apology and a generous on board credit allowance.

Sent from my SM-S320VL using Forums mobile app

Myself, a guest, along with several other parties that booked together as a group for the 9/1/18 sailing on MSC Seaside received this notice as well.  Has anyone contacted MSC directly to further inquire regarding their actions?  If so, what kind of response have you received from the MSC?  It would appear that many passengers have been affected.  I recall receiving an email from MSC with attached cruise tickets on 8/26/18.  This email was addressed to "undisclosed recipients" which leaves the possibility of identifying a breach, that may have potentially included the data breach of every passenger on board.

Sue them. I hate the fact they aren't more upfront about it. Compensation is definitely due in some form - for example if a bank in the UK breaches data protection rules, and wrong mailings etc go out, you'll get c. £250 compensation. Probably more if you take it further. Personal info is incredibly valuable.

NCL tried a similar thing with us in July (not a data breach, but still) - they claimed that we were the only ones affected and that our cabin  must have been 'overlooked' when they were dishing out free transfer tickets to Stockholm. Our party had 2 cabins on opposite sides of the ship and on different decks. Plus we met countless people in the same boat. I've a lot more respect when people are forthcoming with the truth.

1 hour ago, Captain-John said:

Sue them.

 

 

Yeah you are so right. Sue everybody who'd wronged you. How much upfront legal retainer fee are you prepared to put up? 

2 hours ago, sfaaa said:

Yeah you are so right. Sue everybody who'd wronged you. How much upfront legal retainer fee are you prepared to put up? 

Well, they should be honest about the issue, and they should be offering compensation for their mistake.

As they don't seem to be doing either, it doesn't leave a lot of options left.