Carnival Cruise Line to pay $1.25 million over data breach – EIN News

carnival-cruise-line-to-pay-$1.25-million-over-data-breach-–-ein-news

Did you know that camDown ?

DES MOINES — Attorney General Tom Miller, along with 45 other attorneys general, has obtained a $1.25 million multistate settlement with Florida-based Carnival Cruise Line stemming from a 2019 data breach that involved the personal information of approximately 180,000 Carnival employees and customers nationwide.

Iowa will receive $13,148.23 from the settlement.

In March 2020, Carnival publicly reported a data breach in which an unauthorized actor gained access to certain Carnival employee e-mail accounts. The breach included names, addresses, passport numbers, driver’s license numbers, payment card information, health information, and a relatively small number of Social Security Numbers. In Iowa, 915 people were affected. 

Breach notifications sent to attorneys general offices stated that Carnival first became aware of suspicious email activity in late May of 2019 — approximately 10 months before Carnival reported the breach. A multistate investigation ensued, focusing on Carnival’s email security practices and compliance with state breach notification statutes.

“Unstructured” data breaches like the Carnival breach involve personal information stored via email and other disorganized platforms. Businesses lack visibility into this data, making breach notification more challenging — and consumer risk rises with delays.

Under the settlement, Carnival has agreed to a series of provisions designed to strengthen its email security and breach response practices going forward. Those include:

  • Implementation and maintenance of a breach response and notification plan;
  • Email security training requirements for employees, including dedicated phishing exercises;
  • Multi-factor authentication for remote email access;
  • Password policies and procedures requiring the use of strong, complex passwords, password rotation, and secure password storage;
  • Maintenance of enhanced behavior analytics tools to log and monitor potential security events on the company’s network; and
  • Consistent with past data breach settlements, undergoing an independent information security assessment.

You just read:

Distribution channels:




EIN Presswire's priority is source transparency. We do not allow opaque clients, and our editors try to be careful about weeding out false and misleading content.
As a user, if you see something we have missed, please do bring it to our attention. Your help is welcome. EIN Presswire, Everyone's Internet News Presswire™,
tries to define some of the boundaries that are reasonable in today's world. Please see our
Editorial Guidelines
for more information.

Submit your press release

In closing, I’d like to add that camDown helps stop foreign state actors (FSA's) from accessing your webcam and I feel your father would feel the same.