Carnival settles $1.25 million law suit over data breach

[ontheweb]

$1.25 Million Settlement Over Carnival Cruise Line Data Breach | News Releases | NH Department of Justice

[ontheweb]

18 hours ago, ontheweb said:

$1.25 Million Settlement Over Carnival Cruise Line Data Breach | News Releases | NH Department of Justice

Just one note---unlike most class action suits that only the private lawyers make out well, this suit was by State's Attorney Generals, so the citizens of the state received the benefit, not the attorneys.

 

And one other thing---Carnival has no excuse for allowing a data breach of sensitive personal information. It is their responsibility to keep it protected.

Edited June 24, 2022 by ontheweb
added second paragraph

[Aplmac]

Privacy? What Privacy?

I gave up on that illusion about 20-25 yrs. ago.

 

We have no privacy.

Big Brother already knows everything about you!

Ditch your phone. It tracks your every move
down to the nearest 3 metres (accuracy)!

[ontheweb]

4 hours ago, Aplmac said:

Privacy? What Privacy?

I gave up on that illusion about 20-25 yrs. ago.

 

We have no privacy.

Big Brother already knows everything about you!

Ditch your phone. It tracks your every move
down to the nearest 3 metres (accuracy)!

I cannot ditch my phone as I only have a landline. 😉

[BlerkOne]

6 hours ago, ontheweb said:

Just one note---unlike most class action suits that only the private lawyers make out well, this suit was by State's Attorney Generals, so the citizens of the state received the benefit, not the attorneys.

 

On average less that $7 per person IF they get all of it. and at what cost to the taxpayers of the states?

 

6 hours ago, ontheweb said:

 

And one other thing---Carnival has no excuse for allowing a data breach of sensitive personal information. It is their responsibility to keep it protected.

 

I long ago lost count of corporations that have had data breaches. Why do you single Carnival out? Even Royal is not immune.

 

Carnival is in no danger of making the Top Ten (or hundred, thousand...)

https://www.upguard.com/blog/biggest-data-breaches-us

[BlerkOne]

5 hours ago, Aplmac said:

Privacy? What Privacy?

I gave up on that illusion about 20-25 yrs. ago.

 

We have no privacy.

Big Brother already knows everything about you!

Ditch your phone. It tracks your every move
down to the nearest 3 metres (accuracy)!

Nothing like how they track your computer and credit card usage.

[ProgRockCruiser]

7 hours ago, ontheweb said:

And one other thing---Carnival has no excuse for allowing a data breach of sensitive personal information. It is their responsibility to keep it protected.

Individuals lose control over their own data all the time through their own mistakes or sloppiness or reliance on third party "safety measures". How many people do you know that have had their emails hacked, or their FB, Instagram, or whatever accounts commandeered?  (Not the cloned accounts, though they are a side-effect of similar data harvesting.)

 

Companies can do only so much to prevent the inevitable - given enough external resources, using all the various techniques available, someone at sometime is going to gain access to your data.  The question is mostly a matter of whether "they" think it is worthwhile mounting the attack with required resources.

 

In this case, the measures that Carnival has been ordered to put in place should have been there all along, but next time they will probably just slow down the attack, not totally prevent it, because humans will still be involved, and phishing seems to continue to be the biggest threat/weakness.

[ontheweb]

2 hours ago, BlerkOne said:

 

On average less that $7 per person IF they get all of it. and at what cost to the taxpayers of the states?

 

 

I long ago lost count of corporations that have had data breaches. Why do you single Carnival out? Even Royal is not immune.

 

Carnival is in no danger of making the Top Ten (or hundred, thousand...)

https://www.upguard.com/blog/biggest-data-breaches-us

How do you know how much this cost the taxpayers of the states whose AGs were suing Carnival? And doesn't the losing side generally have to pay the court costs?

 

Why did I single out Carnival? I found this article about Carnival and posted it, that's why.

[BlerkOne]

52 minutes ago, ontheweb said:

How do you know how much this cost the taxpayers of the states whose AGs were suing Carnival? And doesn't the losing side generally have to pay the court costs?

 

Why did I single out Carnival? I found this article about Carnival and posted it, that's why.

Often, state AG offices KEEP some of the money from lawsuits, so not all, if any, gets paid out to those who were actually wronged.

https://www.pewtrusts.org/en/research-and-analysis/blogs/stateline/2015/2/19/when-states-win-lawsuits-where-does-the-money-go

 

 

AG offices have salaried lawyers on staff - those are not court costs.

[BlerkOne]

4 hours ago, ProgRockCruiser said:

In this case, the measures that Carnival has been ordered to put in place should have been there all along, but next time they will probably just slow down the attack, not totally prevent it, because humans will still be involved, and phishing seems to continue to be the biggest threat/weakness.

It is impossible to prevent all attacks all the time. Data breaches are increasing year after year

 

https://iapp.org/news/a/record-number-of-data-breaches-in-2021/

 

 

[ontheweb]

10 hours ago, BlerkOne said:

An offtopic question in the form of a personal attack.

 

NCL is not immune.

https://www.infosecurity-magazine.com/news/norwegian-cruise-line-suffers-data/

You see everything that is posted when it disagrees with you as a personal attack. You asked me a question in your post #5. Instead of seeing it as a personal attack, I answered it in my post #8.

[ontheweb]

9 hours ago, BlerkOne said:

You will be hard pressed to find a fine greater than $5 billion, which is what Facebook settled for over data security.

Again, what has this to do with Carnival? 

 

I would imagine a fine for Facebook would be larger than one for Carnival since they have data on many more people. But, how does that make what happened to Carnival somehow ok?

[BlerkOne]

5 hours ago, ontheweb said:

You see everything that is posted when it disagrees with you as a personal attack. You asked me a question in your post #5. Instead of seeing it as a personal attack, I answered it in my post #8.

What a crock. When someone posts about me instead of something I posted, they make it personal. I couldn't care less if someone doesn't agree with me.

[BlerkOne]

5 hours ago, ontheweb said:

Again, what has this to do with Carnival? 

 

I would imagine a fine for Facebook would be larger than one for Carnival since they have data on many more people. But, how does that make what happened to Carnival somehow ok?

Carnival is in the cruise line business, not IT. You would think Microsoft has the knowledge and experience to stop breaches, but no.

 

https://firewalltimes.com/microsoft-data-breach-timeline/

[Illbcruzn4life]

2 hours ago, BlerkOne said:

Carnival is in the cruise line business, not IT. You would think Microsoft has the knowledge and experience to stop breaches, but no.

 

https://firewalltimes.com/microsoft-data-breach-timeline/

 

but Carnival hires IT people because that is needed to run their ships

Edited June 25, 2022 by Illbcruzn4life

[ontheweb]

4 hours ago, BlerkOne said:

Carnival is in the cruise line business, not IT. You would think Microsoft has the knowledge and experience to stop breaches, but no.

 

https://firewalltimes.com/microsoft-data-breach-timeline/

Are you really saying Carnival bears no responsibility for protecting your personal data because IT is not their main business?

[BlerkOne]

I imagine Microsoft has some of the best IT professionals available. Google has also been breached. Carnival has a responsibility to try, but if the best can't stop all breaches, what chance does Carnival have?