Carnival Corporation has confirmed a data breach that affected nearly 6 million people after attackers used social engineering to access an employee account and copy personal information from its IT systems. The ShinyHunters group claimed the breach and said it stole millions of records, including customer names, birth dates, email addresses, locations, and loyalty program details. #CarnivalCorporation #ShinyHunters #HollandAmerica #MarinerSociety
Keypoints
- Carnival notified 5,995,277 customers about the breach.
- Attackers used social engineering to access an employee account.
- Unauthorized activity was first identified on April 14, 2026.
- ShinyHunters claimed to have stolen 8.7 million records and internal data.
- Exposed data included personal details and loyalty program information.