(Photo by Matt Blyth/Getty Images)
MIAMI - Carnival Corporation said it has started notifying people affected by an April 2026 data breach.
Dig deeper:
The company said it discovered unauthorized activity on April 14 after a hacker used social engineering tactics to trick an employee and gain access to part of Carnival's IT systems.
Carnival said it quickly stopped the activity and launched an investigation with outside cybersecurity experts.
RELATED: Southwest updates its seat policy for plus-size passengers
What they're saying:
The investigation found that the hacker accessed personal information. Carnival said its review is still ongoing, but the affected data may include names, addresses, email addresses, phone numbers, dates of birth, and government-issued identification numbers such as driver's license and passport numbers.
What's next:
The company began sending notification letters and emails to affected individuals on May 27. It also launched a public webpage with information about the incident for people whose contact information may be outdated.
RELATED: 2 women accused in Carnival cruise fight over line now facing federal charges
What you can do:
Carnival is offering eligible U.S. residents two years of free credit monitoring through TransUnion and is encouraging affected individuals to remain alert for signs of identity theft or fraud.
The company recommends regularly reviewing financial account statements and credit reports for any suspicious activity. Anyone who believes they may be a victim of identity theft is advised to contact local law enforcement.
The company has also set up a dedicated call center to answer questions about the incident and the credit monitoring services.
Affected individuals can contact the TransUnion call center at 1-844-593-8310 between 8 a.m. and 8 p.m. ET, Monday through Friday, excluding major U.S. holidays.
The Source: The information in this story comes from a data breach notice published by Carnival Corporation. The Associated Press contributed to this report.