Jump to content

Recommended Posts

21 minutes ago, BlerkOne said:

but it was why CCL stock drooped today.

I think the big players in cruising and even travel were down today. Royal went down quite a bit- didn't they have some type of debt offering or convertible notes or something?

Link to post
Share on other sites
57 minutes ago, xDisconnections said:

I think the big players in cruising and even travel were down today. Royal went down quite a bit- didn't they have some type of debt offering or convertible notes or something?

I don't follow RCL but it looks like a couple of days ago they said they are trying to raise a billion dollars.

 

On Carnival, we learned the cruise lines impacted - Carnival, Holland, and Seabourn

 

Carnival Corporation (CCL -6.9%) plunges after disclosing a data breach that could affect customers' user information.

CCL says in August an unauthorized party gained access to a company database which includes personal information relating to some guests, employees and crew for three of the corporation's brands -- Carnival Cruise Line, Holland America Line and Seabourn, as well as casino operations.

The company engaged a major cybersecurity firm to investigate the matter and notified law enforcement and appropriate regulators of the event and took steps to recover its files, has evidence indicating a low likelihood of the data being misused.

The company is working to identify the guests, employees, crew and other individuals whose personal information may have been impacted and expects to complete this process within the next 30 to 60 days and will then send notifications to potentially affected individuals whose current contact information is available to the company.

Link to post
Share on other sites

I cannot understand how multi-billion dollar companies cannot keep sensitive data secure. There is nothing that is totally secure, but you can keep the bad actors at bay with effective counter measures, including those that prevent social engineering and disgruntled employees. 

Link to post
Share on other sites
13 hours ago, JT1962 said:

Just what Carnival and the cruise industry needed this year, more issues.

 

 

 

 

And just what we need - another thing to worry about.  Don't care about the names/addresses/phone # but not thrilled that dob/passport/ss # info may be out there.

Link to post
Share on other sites
2 hours ago, Moviela said:

I cannot understand how multi-billion dollar companies cannot keep sensitive data secure. There is nothing that is totally secure, but you can keep the bad actors at bay with effective counter measures, including those that prevent social engineering and disgruntled employees. 

Because the most important part of good cybersecurity still relies on humans to not click that link in a spoof/phishing email.

 

You'd be amazed at how fallible/gullible some people are...

Link to post
Share on other sites
27 minutes ago, fyree39 said:

https://digitalguardian.com/blog/top-10-biggest-us-government-data-breaches-all-time

 

It's probably way too late to worry about bad actors having your information. At least I wasn't a part of Tricare when they got hacked. 

 

Yep, my credit watch dog company alerted me that all my bank accounts, investment accounts and credit card accounts were found on-line. Was a huge hassle to close all those accounts I had for decades.

Link to post
Share on other sites

They're not going to tell you who or what, but given that the article said "SOME" passengers and crew and CASINO operations, if you don't play in the casino, you're probably ok.  If you're PLAYERS CLUB,  you may want to check with your credit cards or "LifeLock" type security.

Link to post
Share on other sites
6 hours ago, Moviela said:

I cannot understand how multi-billion dollar companies cannot keep sensitive data secure. There is nothing that is totally secure, but you can keep the bad actors at bay with effective counter measures, including those that prevent social engineering and disgruntled employees. 

It happens to everybody.  From the real experts: it is not a matter of if, but when.   The bad guys adapt to countermeasures with increased efficiency and skill.  Most would agree that the skill level is better on the bad guys side.  

Edited by jimbo5544
Link to post
Share on other sites
4 hours ago, ProgRockCruiser said:

Because the most important part of good cybersecurity still relies on humans to not click that link in a spoof/phishing email.

 

You'd be amazed at how fallible/gullible some people are...

Bingo

 

Link to post
Share on other sites
6 hours ago, Moviela said:

I cannot understand how multi-billion dollar companies cannot keep sensitive data secure. There is nothing that is totally secure, but you can keep the bad actors at bay with effective counter measures, including those that prevent social engineering and disgruntled employees. 

Once they connect to the Internet, it's game over.

 

Same with physical security of your home or business. or computer center. If someone wants in bad enough, they will find or make a way.

Link to post
Share on other sites
2 hours ago, ontheweb said:

They should hire the bad guys to find the holes in their security.

They do.   But there are more bad than good.  

Some of these are just young hackers sitting in their basements, find out how easy it is to do and maybe make a little $ for that next game..  Many are "professional", reside in China or Russia or other countries and are doing things intentionally.

Link to post
Share on other sites

Ccl because if it size , amount of transactions and being a public company are mandated thru several ways .

PCI being one of them .

i know for a fact they are required by law proper architecture to isolate data , along with protocols to continually protect.they are mandated have onsite audits, continues network scans .

unfortunately with many companies going to skeleton crews these are the first thing that slip .. systems go unpatched and holes are opened and exploited.

this breach and how he it occurred and what exactly was exploited will ultimately  be published.
I know of three breach of pii data in large for profit companies.. Not Ccl -all due to lack of upkeep and maintenance due to layoffs .

all under control of the co but short sighted penny wise /dollar foolish.

Giant fines for non compliance!

 

Link to post
Share on other sites
1 hour ago, crewsweeper said:

They do.   But there are more bad than good.  

Some of these are just young hackers sitting in their basements, find out how easy it is to do and maybe make a little $ for that next game..  Many are "professional", reside in China or Russia or other countries and are doing things intentionally.

carnival does every year , they must an outside info sec co do at a Bare minimum penetration tests for internal, external, social engineering and physical. they are usually contracted for and are unannounced .

With proper upkeep it brings the risk way way down.. 

Most foreign gov are after IP or surveillance,  not credit cards or pii data , North Korea being the exception 

Link to post
Share on other sites
1 hour ago, bitemyfly said:

carnival does every year , they must an outside info sec co do at a Bare minimum penetration tests for internal, external, social engineering and physical. they are usually contracted for and are unannounced .

With proper upkeep it brings the risk way way down.. 

Most foreign gov are after IP or surveillance,  not credit cards or pii data , North Korea being the exception 

and every year there are security breaches. I've lost count of how many years of free credit monitoring services I am entitled to.

Link to post
Share on other sites
14 hours ago, pe4all said:

And just what we need - another thing to worry about.  Don't care about the names/addresses/phone # but not thrilled that dob/passport/ss # info may be out there.

 

I'm assuming the SS# are from employees & crew. As passengers, we don't give our SS# for the booking process.

 

It irks me that they collect our passport numbers. I don't know why we can't just check off the passport option during online check-in without including the number. They check them at the terminal, that should be enough.

Link to post
Share on other sites
3 minutes ago, Organized Chaos said:

 

I'm assuming the SS# are from employees & crew. As passengers, we don't give our SS# for the booking process.

 

It irks me that they collect our passport numbers. I don't know why we can't just check off the passport option during online check-in without including the number. They check them at the terminal, that should be enough.

 

What could someone do with a passport number? Don't all US passports have RFID chips these days?

Link to post
Share on other sites
13 hours ago, ProgRockCruiser said:

Because the most important part of good cybersecurity still relies on humans to not click that link in a spoof/phishing email.

 

You'd be amazed at how fallible/gullible some people are...

 

Their "information technology systems," as they call it, weren't breached because people may have clicked on phishing emails.

 

11 hours ago, crewsweeper said:

They're not going to tell you who or what, but given that the article said "SOME" passengers and crew and CASINO operations, if you don't play in the casino, you're probably ok.  If you're PLAYERS CLUB,  you may want to check with your credit cards or "LifeLock" type security.

 

They're working on figuring out whose data was taken and they'll start notifying those people, possibly within 30-60 days. It went beyond casino players. It likely includes data collected during the booking process as well, which is millions of people booked at any given time. For what it's worth, they're claiming that their evidence shows there's a "low likelihood of the data being misused." Take that with a grain of salt. For some people, it could be months, a year, or more for them to see any fraudulent activity. The data taken during these breaches are often sold en masse online. Bad guys often buy up large lots of this information and it takes a while to work through all of it. I have a relative who got caught up in the huge Target breach several years ago, but she didn't know it until the bad guys started using her credit card a year later.

Link to post
Share on other sites
7 hours ago, Organized Chaos said:

 Bad guys often buy up large lots of this information and it takes a while to work through all of it. I have a relative who got caught up in the huge Target breach several years ago, but she didn't know it until the bad guys started using her credit card a year later.

 

years ago i was involved with the Home Depot data breach and that was the first time i ever seen fraudulent activity on my credit card

Link to post
Share on other sites

Unfortunately we have been "victims" a few times. (Target, American Airlines)  Our credit card companies seem to be really good in "recognizing" fraudulent charges, and putting a hold on a card until we okay the transaction.  It is a pain sometimes until we contact the fraud dept., and sometimes the transaction is cancelled if we don't respond immediately but worth it in the long run.   Hoping we are missed in the CCL breach, as we play in the casino.  I am sure people will post somewhere on this board if CCL informs them they have been breached.  I know I will - lol.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Forum Jump
    • Categories
      • Forum Assistance
      • Q&A with Chris Prelog, President of Windstar Cruises!
      • Register Now for Cruise Critic Live Special Event: Royal Caribbean
      • New Cruisers
      • Cruise Lines “A – O”
      • Cruise Lines “P – Z”
      • River Cruising
      • ROLL CALLS
      • Digital Photography & Cruise Technology
      • Special Interest Cruising
      • Cruise Discussion Topics
      • UK Cruising
      • Australia & New Zealand Cruisers
      • North American Homeports
      • Ports of Call
      • Cruise Conversations
×
×
  • Create New...