:

CARNIVAL CRUISE CONFIRMS DATA BREACH OF 6M PEOPLE

SECURITY DESK1 MIN READ
FRI, MAY 29, 2026

■ AI-SUMMARIZED FROM 1 SOURCE ▸ TIMELINE

Carnival Corporation acknowledged a data breach affecting nearly 6 million people, with the ShinyHunters extortion gang claiming responsibility in April 2026. The incident marks a significant security failure for the world's largest cruise line operator.

Carnival Corporation has officially confirmed the data breach after ShinyHunters publicly claimed the attack. The extortion gang's disclosure forced the cruise operator to acknowledge the incident affecting millions of passengers and employees. The breach exposed personal information tied to Carnival's operations across its multiple cruise brands. ShinyHunters, known for targeting large corporations and threatening to sell stolen data, demanded payment related to the attack. Carnival has not yet detailed specific information exposed in the breach or provided a timeline for customer notifications. The company operates multiple cruise lines globally, serving millions of passengers annually. This incident adds to a growing list of major data breaches in the travel and hospitality sector. Carnival has not disclosed whether it paid any ransom or the total financial impact of the breach.

■ SOURCES

Bleeping Computer

■ SUMMARY WRITTEN BY AI FROM THE LINKS ABOVE

■ MORE FROM THE SECURITY DESK

U.S. federal prosecutors have unsealed charges against three Russian nationals accused of operating a bulletproof hosting service that supported ransomware gangs responsible for over $62 million in damages worldwide.

4H AGOIndustry Desk

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are actively exploiting three vulnerabilities in Internet-exposed on-premises SharePoint Server instances. Organizations running affected versions must patch immediately.

4H AGOSecurity Desk

Tailscale disclosed a critical vulnerability in its SSH implementation that allowed attackers to gain root access through insecure argument handling. The flaw has been patched in recent versions.

7H AGOAI Desk

A new study found that social media platforms referred over 5.7 million visits to nonconsensual deepfake pornography sites between December 2025 and March 2026, with YouTube and X accounting for the majority of traffic.

9H AGOIndustry Desk

■ SUBSCRIBE TO THE DAILY BRIEF

ONE EMAIL, 5 STORIES, 06:00 UTC. UNSUBSCRIBE ANYTIME.