Princess Cruise Line is an American cruise line. While its headquarters are in Santa Clarita, California, it is incorporated in Bermuda. In 2021, it was the second-largest cruise line in the world based on revenue.
The breach was unauthorized access to incredibly delicate PII (personally identifying information). The emails the hacker accessed included the PII of crew members and guests, resulting in an unknown number of affected individuals.
The breach occurred via a phishing attack. The hacker managed to access a string of Princess employees’ emails, thus accessing sensitive information about customers and employees. The accessed data included government IDs – like passport details and driver’s license numbers – addresses, names, and social security numbers, along with some private health information.
This breach occurred between April and July 2019.
The breach most likely impacted a large portion of people who traveled with or worked on a Princess cruise before and during the breach period. “As part of its ongoing operations, the company is reviewing security & privacy policies and procedures and implementing changes when needed to enhance information security,” said Princess.
The breach affects an unknown number of files, and victim numbers are still just as undetermined. There are steps to take for anyone affected by this breach or any other; credit monitoring, email surveillance, and device monitoring software titles are simple and easy steps to take to help keep you and your identity safe.