by Sarah Kuta
Last updated: 12:40 PM ET, Tue April 28, 2026
Carnival Corporation & plc may have been targeted in a recent ransomware attack.
The group claiming responsibility is ShinyHunters, which reportedly attacked roughly 40 companies. The extortion group alleged that it had gained access to 8.7 million Carnival Corp. records, including names, dates of birth and other sensitive data. It’s threatening to leak the data if its demands are not met.
After detecting unauthorized online activity involving a single user account, the company “acted quickly to shut it down and block any further unauthorized access and have notified law enforcement,” a Carnival Corp. spokesperson shared in a statement with TravelPulse.
“Data privacy and protection are extremely important to Carnival Corporation and we're working closely with trusted global security experts to be thoughtful and deliberate in our review of the data involved, recognizing that anonymous reports circulating online are not always accurate,” according to the statement.
“If we determine personal information was affected, we will follow all disclosure requirements and communicate directly with any impacted individuals.”
For the latest travel news, updates and deals, subscribe to the daily TravelPulse newsletter.
Topics From This Article to Explore
