On April 14, 2026, Carnival Corporation detected unauthorized access to its IT systems after a hacker used social engineering tactics to trick an employee. The company quickly stopped the activity and launched an investigation with external cybersecurity experts.
The review found that the attacker accessed personal information, which may include:
- Names, addresses, and email addresses
- Phone numbers and dates of birth
- Government‑issued IDs such as driver’s licenses and passports
Carnival began sending notification letters and emails on May 27, 2026, and also launched a public webpage for individuals whose contact information may be outdated.
Consumer Protection Measures
- Free credit monitoring: Eligible U.S. residents receive two years of TransUnion monitoring.
- Recommendations: Carnival advises reviewing financial statements and credit reports regularly.
- Support line: Affected individuals can call 1‑844‑593‑8310, Monday to Friday, 8 a.m. to 8 p.m. ET (excluding major holidays).
Context
This incident highlights the growing risk of social engineering attacks in the travel industry. Carnival’s response—offering credit monitoring and setting up a dedicated call center—aims to mitigate potential identity theft and reassure customers.
Subscribe to the JFN WhatsApp Channel
