Rare aborgman Posted June 28 #226 Share Posted June 28 (edited) 16 minutes ago, SwordBlazer Cruising said: How can anyone blame the cruiseline and say it's a security issue? Because allowing someone to cancel someone else's cruise, with just a last name and booking number, both of which get repeatedly sent in unsecured emails... is just really, really lax security. Like... 2003 called on your landline and warned you not to post your booking info on MySpace levels of lax. "The same can be done for a Southwest ticket, Delta, and the list goes on." You aren't wrong - which is why 89% of the travel industry failed in the security audits I mentioned. This is not a Carnival security issue - this is an "almost the entire travel industry" has unacceptably lax security issue. Edited June 28 by aborgman 2 Link to comment Share on other sites More sharing options...
Rare ontheweb Posted June 28 #227 Share Posted June 28 4 hours ago, SwordBlazer Cruising said: How can anyone blame the cruiseline and say it's a security issue? The consumer allowed her private information public and from her account, someone followed the normal path to cancel her booking. Sure, there could be another layer to authenticate if its the real person but a security "flaw" would be someone hacking into her crusieline loyalty account and taking her booking details that way. Its falls on her and her husband 1000%. The same can be done for a Southwest ticket, Delta, and the list goes on. The cruiseline offered her compensation and she was greedy and now gets nothing. I don't know if you can really say she got nothing. She got her few minutes of fame, and by the way she seems to be basking in that, I would say it is something she has really enjoyed. 2 Link to comment Share on other sites More sharing options...
Rare BlerkOne Posted June 28 #228 Share Posted June 28 1 hour ago, ontheweb said: I don't know if you can really say she got nothing. She got her few minutes of fame, and by the way she seems to be basking in that, I would say it is something she has really enjoyed. Probably has already monetized it for more than her alleged losses. 3 Link to comment Share on other sites More sharing options...
vwrestler171 Posted June 29 #229 Share Posted June 29 On 6/28/2024 at 6:04 AM, SwordBlazer Cruising said: How can anyone blame the cruiseline and say it's a security issue? The consumer allowed her private information public and from her account, someone followed the normal path to cancel her booking. Sure, there could be another layer to authenticate if its the real person but a security "flaw" would be someone hacking into her crusieline loyalty account and taking her booking details that way. Its falls on her and her husband 1000%. The same can be done for a Southwest ticket, Delta, and the list goes on. The cruiseline offered her compensation and she was greedy and now gets nothing. The fact that all you need is a booking number and you cancel a booking is laughable. Sadly, it wouldn't be that hard. All I would need is an email and I could probably cancel it. Carnival and the entire travel industry are in danger of negligence since this came up if they do not make any changes in the future. Link to comment Share on other sites More sharing options...
SwordBlazer Cruising Posted June 29 #230 Share Posted June 29 19 minutes ago, vwrestler171 said: The fact that all you need is a booking number and you cancel a booking is laughable. Sadly, it wouldn't be that hard. All I would need is an email and I could probably cancel it. Carnival and the entire travel industry are in danger of negligence since this came up if they do not make any changes in the future. Nah, whats laughable is that silly consumer who invited this issue by posting her booking information on social media. Don't confuse negligence with being culpable + stupidity . 2 Link to comment Share on other sites More sharing options...
Rare BlerkOne Posted June 29 #231 Share Posted June 29 23 minutes ago, vwrestler171 said: The fact that all you need is a booking number and you cancel a booking is laughable. Sadly, it wouldn't be that hard. All I would need is an email and I could probably cancel it. Carnival and the entire travel industry are in danger of negligence since this came up if they do not make any changes in the future. You would need more than just a booking number. 1 Link to comment Share on other sites More sharing options...
vwrestler171 Posted June 29 #232 Share Posted June 29 18 minutes ago, SwordBlazer Cruising said: Nah, whats laughable is that silly consumer who invited this issue by posting her booking information on social media. Don't confuse negligence with being culpable + stupidity . Once a security flaw is identified, it is on them to fix it. 15 minutes ago, BlerkOne said: You would need more than just a booking number. Booking number and last name, and the last name is easily found. Link to comment Share on other sites More sharing options...
SwordBlazer Cruising Posted June 29 #233 Share Posted June 29 6 minutes ago, vwrestler171 said: Once a security flaw is identified, it is on them to fix it. Booking number and last name, and the last name is easily found. Its not a flaw when the correct path was used to cancel a booking. If thats the case then hundreds of bookings would fave the same fate each and every week. This issue is on the consumer, full stop. 4 Link to comment Share on other sites More sharing options...
Rare BlerkOne Posted June 29 #234 Share Posted June 29 (edited) 9 minutes ago, vwrestler171 said: Once a security flaw is identified, it is on them to fix it. Booking number and last name, and the last name is easily found. and PIN if cancelling over the phone, which was not what allegedly happened. Someone allegedly created a duplicate account, which takes a first and last name, date of birth, phone number and more. If this happened at all, it was identity theft, as Carnival has said. Meanwhile, while the grifter hasn't posted anything else that has been picked up, so either she shut up of someone shut her up. But the virus (false rumor) carries on. Edited June 29 by BlerkOne 1 Link to comment Share on other sites More sharing options...
CountryStyleMe Posted July 15 #235 Share Posted July 15 On 6/2/2024 at 6:20 PM, tidecat said: PINs can be compromised too as people tend to use things like birthdates. Requiring two-factor authentication would also be a huge deterrent to something like this happening. Pins can also be hacked quite easily with the help of AI (same as Facial and Finger Print scans needing to be taken at Airports and Cruise Ports in 2025 - 2028 when it launched and each Country will have a copy of them to make it quicker and easier for everyone getting through border control. Link to comment Share on other sites More sharing options...
Rare BlerkOne Posted July 15 #236 Share Posted July 15 11 minutes ago, CountryStyleMe said: Pins can also be hacked quite easily with the help of AI These PIN numbers are are given verbally over the phone. Yes, phones and emails can be intercepted, but I think most people with a brain need the reward to be greater than the risk. Link to comment Share on other sites More sharing options...
Rare BlerkOne Posted July 19 #237 Share Posted July 19 or over the phone. Seems to be scamming season https://nypost.com/2024/07/19/us-news/scammer-cancels-unsuspecting-calif-familys-900-carnival-cruise-trip-just-days-before-ship-set-sail/ Link to comment Share on other sites More sharing options...
pc_load_letter Posted July 19 #238 Share Posted July 19 Did we do this one yet? Says she did not post any information on the internet. Said some called her asking if she wanted an upgrade. Then she gave them money. Then cruise was cancelled. https://nypost.com/2024/07/19/us-news/scammer-cancels-unsuspecting-calif-familys-900-carnival-cruise-trip-just-days-before-ship-set-sail/ Link to comment Share on other sites More sharing options...
staceyglow Posted July 19 #239 Share Posted July 19 15 minutes ago, pc_load_letter said: Did we do this one yet? Says she did not post any information on the internet. Said some called her asking if she wanted an upgrade. Then she gave them money. Then cruise was cancelled. https://nypost.com/2024/07/19/us-news/scammer-cancels-unsuspecting-calif-familys-900-carnival-cruise-trip-just-days-before-ship-set-sail/ I would bet anything that she responded to some sort of phishing email or text about a fake upgrade. Then they cancelled her cruise with the real Carnival when she disputed the charge. That's something that could happen with any business one deals with. That being said, it's something that would never happen to someone who uses a PVP exclusively. Link to comment Share on other sites More sharing options...
Rare ontheweb Posted July 19 #240 Share Posted July 19 32 minutes ago, staceyglow said: I would bet anything that she responded to some sort of phishing email or text about a fake upgrade. Then they cancelled her cruise with the real Carnival when she disputed the charge. That's something that could happen with any business one deals with. That being said, it's something that would never happen to someone who uses a PVP exclusively. Also would not happen with a cruise booked by a TA. Because of the "loss of control", only the TA could cancel the cruise acting for the client. 3 Link to comment Share on other sites More sharing options...
Rare BlerkOne Posted July 19 #241 Share Posted July 19 1 hour ago, staceyglow said: I would bet anything that she responded to some sort of phishing email or text about a fake upgrade. Then they cancelled her cruise with the real Carnival when she disputed the charge. That's something that could happen with any business one deals with. That being said, it's something that would never happen to someone who uses a PVP exclusively. 56 minutes ago, ontheweb said: Also would not happen with a cruise booked by a TA. Because of the "loss of control", only the TA could cancel the cruise acting for the client. Never say never. 2 Link to comment Share on other sites More sharing options...
staceyglow Posted July 19 #242 Share Posted July 19 1 minute ago, BlerkOne said: Never say never. If I deal only with my PVP, whose name pops up on the phone when she calls, who has a dedicated extension we type in when call her, and whose voice I recognize, I don't see how this could happen to me. Link to comment Share on other sites More sharing options...
Rare BlerkOne Posted July 19 #243 Share Posted July 19 2 minutes ago, staceyglow said: If I deal only with my PVP, whose name pops up on the phone when she calls, who has a dedicated extension we type in when call her, and whose voice I recognize, I don't see how this could happen to me. You can't stop a dedicated hacker. 2 Link to comment Share on other sites More sharing options...
Rare jimbo5544 Posted July 19 #244 Share Posted July 19 31 minutes ago, BlerkOne said: You can't stop a dedicated hacker. more fact than fiction in that statement Link to comment Share on other sites More sharing options...
staceyglow Posted July 20 #245 Share Posted July 20 3 hours ago, BlerkOne said: You can't stop a dedicated hacker. That wasn't hacking, that was phishing. 🙂 With phishing, it is the victim that gives the information to the scammer. Link to comment Share on other sites More sharing options...
mikayla73 Posted July 22 #246 Share Posted July 22 (edited) never mind Edited July 22 by mikayla73 Link to comment Share on other sites More sharing options...
pe4all Posted July 23 #247 Share Posted July 23 I understand the second example of getting scammed - it was an upgrade "sale", and the scammer got $$ for their effort- until the charge was disputed. I do not understand what the person who cancelled the other family's $15,000 cruise got out of it - except the satisfaction of possibly destroying a family's vacation. Link to comment Share on other sites More sharing options...
DeniseTr Posted August 7 #248 Share Posted August 7 On 6/2/2024 at 5:59 PM, ChutChut said: I have a slightly different take on this situation. Sure - posting sensitive info online isn't uber bright and, yes, someone took advantage of that to cancel their reservation. But - didn't Carnival resell that suite? Isn't that why the couple couldn't get their cabin back? If Carnival did, indeed, sell (even if someone "won" a purchased upgrade, etc.) that cabin, it benefitted more as a result. I'm not saying that Carnival did anything "wrong." I'm just saying that, in this unfortunate situation, it appears Carnival didn't (and won't) lose any revenue if it gives the couple a full FCC, etc. Again, I don't know all of the particulars but this was a very unfortunate circumstance all around. But if Carnival benefitted in any way from it (additional revenue, etc.), I don't think that's right. For all Carnival knows, they cancelled it themselves and tried to scam the system claiming it was someone else. I can't fault Carnival for following policies the customer agreed to, but they certainly tried to make it right. 1 Link to comment Share on other sites More sharing options...
DeniseTr Posted August 7 #249 Share Posted August 7 On 6/5/2024 at 9:35 AM, pc_load_letter said: It would not be hard for Carnival to implement any form of multi factor authentication for their website. When dealing with purchases of potentially thousands of dollars, I would welcome that change. But doing some googling this morning, it would seem that there are a great number of laws on the books that punish the "do-er" of computer fraud but I can't find anything that holds the company liable. https://www.justice.gov/jm/jm-9-48000-computer-fraud 2 factor Auth would be expensive to implement and cause a lot more calls to customer service, but I agree, something that would be good. I don't believe she didn't receive a cancelation email, I recieve emails every time I make a transaction with carnival. 1 Link to comment Share on other sites More sharing options...
DeniseTr Posted August 7 #250 Share Posted August 7 On 6/13/2024 at 1:17 PM, BlerkOne said: Hopefully they are investigating her Carnival's system should be logging information about what IP address cancelled the reservation. (This can easily be traced right back to the user) Wouldn't shock me to see her indicted for attempted fraud. 1 Link to comment Share on other sites More sharing options...
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now