Rare Colin_Cameron Posted August 18, 2020 #1 Share Posted August 18, 2020 Saw this on Cunard's FB page yesterday but didn't think too much about it: "We are sorry but our UK, European and Australian contact centres remain closed today due to an IT issue over the weekend which has affected our telephone system. We apologise for this and we are working to resolve it as soon as possible. In the meantime, please visit our website for inspiration, information and bookings." Then, this started appearing on several IT and financial sites: "Carnival hit by ransomware attack, guest and employee data accessed (Reuters) - Cruise operator Carnival Corp (CCL.N) said on Monday it launched an investigation into a ransomware attack on one of its brand’s information technology systems. Carnival, which operates AIDA, Carnival and Princess cruises among others, in a regulatory filing said the attack included unauthorized access to personal data of guests and employees. The company did not identify the brand that was affected and declined to provide more details, as the investigation process was at an early stage." It does not mean that it was the Cunard system that was breached. Shutting down other systems in the Corp. & PLC could be part of the containment actions. Does anyone know if other brands are also 'offline'? Link to comment Share on other sites More sharing options...
Host Hattie Posted August 18, 2020 #2 Share Posted August 18, 2020 There are reports on other boards (Princess & HAL) of problems with the websites and/or phone systems over the weekend. Link to comment Share on other sites More sharing options...
majortom10 Posted August 18, 2020 #3 Share Posted August 18, 2020 (edited) It is widely reported here in the UK that Carnival UK i.e. Cunard/P&O computer system has been hacked and customers data has been accessed very worrying. Edited August 18, 2020 by majortom10 1 Link to comment Share on other sites More sharing options...
Rare Windsurfboy Posted August 18, 2020 #4 Share Posted August 18, 2020 They have my name , address , dob on my account, which leaves me open to identify theft They should have deleted credit card details after refund, and passport details should have deleted as when last cruise was cancelled and luckily I haven't inputted them yet for 2022 cruise. But who knows what they keep in back up. As Majortom said worrying, let's see how long it takes them to contact us. My bet is never. Working from home is not always as secure as working from office. It can be but that takes time and investment. Link to comment Share on other sites More sharing options...
Rare Windsurfboy Posted August 18, 2020 #5 Share Posted August 18, 2020 They say online booking is working , maybe for new customers, but mine won't link to my account. Link to comment Share on other sites More sharing options...
Host Hattie Posted August 18, 2020 #6 Share Posted August 18, 2020 52 minutes ago, majortom10 said: It is widely reported here in the UK that Carnival UK i.e. Cunard/P&O computer system has been hacked and customers data has been accessed very worrying. Where have you seen that reported ? All the reports I have seen say that Carnival haven't identified the brand affected or whether it was a UK or US attack. 1 Link to comment Share on other sites More sharing options...
Ray66 Posted August 18, 2020 #7 Share Posted August 18, 2020 Someone called Molecrochip on the P&O forum says: Whilst I don’t have firm confirmation, I don’t believe it was a UK based brand that was attacked. Believe that related UK systems were taken offline as precaution whilst attack is investigated and understood. 1 Link to comment Share on other sites More sharing options...
BigMac1953 Posted August 18, 2020 #8 Share Posted August 18, 2020 Before everyone gets too excited and worked up, it might be better waiting for the facts. As has been pointed out, it may well have nothing to do with the UK or Cunard. No point in guessing. 1 Link to comment Share on other sites More sharing options...
Rare Windsurfboy Posted August 18, 2020 #9 Share Posted August 18, 2020 Both Cunard and P&O websites won't link a new booking to an account. Presume either personal data has been taken off line by carnival as a precaution , good. Or the've been ransomed, bad. Cant but wait and see. Link to comment Share on other sites More sharing options...
mcloaked Posted August 18, 2020 #10 Share Posted August 18, 2020 (edited) There is the direct SEC filing at https://www.sec.gov/ix?doc=/Archives/edgar/data/815097/000095014220002039/eh2001078_8k.htm and also the report at https://www.teiss.co.uk/carnival-corporation-ransomware-attack/ Edited August 18, 2020 by mcloaked Added an extra link Link to comment Share on other sites More sharing options...
mcloaked Posted August 18, 2020 #11 Share Posted August 18, 2020 It would normally be the case that the company would contact any customers whose data has been breached so that they are aware of the security implications. However that contact may not happen immediately. Link to comment Share on other sites More sharing options...
Rare Victoria2 Posted August 19, 2020 #12 Share Posted August 19, 2020 Voyage personaliser is up and running again today. Link to comment Share on other sites More sharing options...
Rare Windsurfboy Posted August 19, 2020 #13 Share Posted August 19, 2020 Voyage personaliser has always worked for me but I still can't access my account, where my details and preferences etc are stored Link to comment Share on other sites More sharing options...
Rare Victoria2 Posted August 19, 2020 #14 Share Posted August 19, 2020 13 minutes ago, Windsurfboy said: Voyage personaliser has always worked for me but I still can't access my account, where my details and preferences etc are stored Access to my VPs have been hit and miss so you're one up on me. Link to comment Share on other sites More sharing options...
Craigrlewis Posted August 20, 2020 #15 Share Posted August 20, 2020 Been trying to call them since Monday and can't Monday recorded message said they were closed due to IT issues then disconnected you Facebook/Twitter yesterday said the same Facebook/Twitter today says open but they can't access bookings so they will only answer general ship queries Not exactly sterling service - appreciate they are trying to deal with this IT breach but they should call it like it is and say "Due to the widely publicised IT breach we are closed trying to secure systems etc" I also find it strange they still have yet to confirm which brands and jurisdictions were compromised I could be sarcastic and say Cunards IT is so bad I doubt the hacker would even go near it for fear of ending up down one of those broken links to nowhere! Link to comment Share on other sites More sharing options...
Ynox Posted August 20, 2020 #16 Share Posted August 20, 2020 If Carnival are complying with GDPR legislation then all data should be encrypted (and if they're not GDPR compliant then that's a big problem). As others have said we don't know what Carnival brand is affected by this. But I'm not hugely worried personally as I'd hope stuff was encrypted as above. I suspect this is something like a network share was left open for people working remotely or similar. One machine had a ransomware installed (e.g. someone gets emailed a dodgy attachment) then it spread via the network share to other machines (e.g. servers) and encrypted them. Hopefully they had good back ups! (i do this kind of stuff for my job!) Link to comment Share on other sites More sharing options...
mcloaked Posted August 21, 2020 #17 Share Posted August 21, 2020 On 8/20/2020 at 8:20 PM, Ynox said: If Carnival are complying with GDPR legislation then all data should be encrypted (and if they're not GDPR compliant then that's a big problem). As others have said we don't know what Carnival brand is affected by this. But I'm not hugely worried personally as I'd hope stuff was encrypted as above. I suspect this is something like a network share was left open for people working remotely or similar. One machine had a ransomware installed (e.g. someone gets emailed a dodgy attachment) then it spread via the network share to other machines (e.g. servers) and encrypted them. Hopefully they had good back ups! (i do this kind of stuff for my job!) Many companies unfortunately rely on Windows servers, as well as Windows desktops for staff - Windows is the most vulnerable operating system to cyber attack - if Carnival's companies were using Linux servers they would have been hugely less vulnerable. Sadly this has not been taken on board by a lot of companies and organisations. Those companies who invested in Linux systems and expertise are in a much better position than those who have not. Either way I do hope that Cunard is not the brand impacted in this event, but I suppose information will emerge in due course - and hopefully the significant number of Cunard customers have not had their personal data exposed to the possibility of further attack at a personal level. It does take time for companies to try to recover from cyber attack events - hopefully it won't be too long - but in some cases (eg the recent Blackbaud exposure) it can be a month or two before information is released - hopefully in this case it will be a lot sooner! 1 Link to comment Share on other sites More sharing options...
Ynox Posted August 23, 2020 #18 Share Posted August 23, 2020 On 8/21/2020 at 10:04 PM, mcloaked said: Many companies unfortunately rely on Windows servers, as well as Windows desktops for staff - Windows is the most vulnerable operating system to cyber attack - if Carnival's companies were using Linux servers they would have been hugely less vulnerable. Sadly this has not been taken on board by a lot of companies and organisations. Those companies who invested in Linux systems and expertise are in a much better position than those who have not. Either way I do hope that Cunard is not the brand impacted in this event, but I suppose information will emerge in due course - and hopefully the significant number of Cunard customers have not had their personal data exposed to the possibility of further attack at a personal level. It does take time for companies to try to recover from cyber attack events - hopefully it won't be too long - but in some cases (eg the recent Blackbaud exposure) it can be a month or two before information is released - hopefully in this case it will be a lot sooner! Agreed. From memory Carnival UK's IT systems are on Windows - they're a Microsoft place. I saw a solutions architect role advertised that I was kind of tempted to apply for but my experience is more on the Java / Linux side than MS. Link to comment Share on other sites More sharing options...
resistk Posted August 23, 2020 #19 Share Posted August 23, 2020 Par for the course, Princess was breached a while back as well. Apparently Carnival didn't want to invest in security, a pity really. Link to comment Share on other sites More sharing options...
majortom10 Posted August 24, 2020 #20 Share Posted August 24, 2020 11 hours ago, resistk said: Par for the course, Princess was breached a while back as well. Apparently Carnival didn't want to invest in security, a pity really. Bet they wished they had now. Link to comment Share on other sites More sharing options...
bluemarble Posted October 15, 2020 #21 Share Posted October 15, 2020 (edited) This may be old news by now, but I noticed this yesterday. Carnival announced on Tuesday that the August IT breach involved three of their cruise brands: Carnival Cruise Line, Holland America Line and Seabourn (as well as casino operations). Here's a link to the press release. https://www.carnivalcorp.com/news-releases/news-release-details/carnival-corporation-plc-update-cyber-event Edited October 15, 2020 by bluemarble 1 Link to comment Share on other sites More sharing options...
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now