P661TECH TEXT NEWS
:
[SECURITY]

CARNIVAL CRUISE CONFIRMS DATA BREACH OF 6M PEOPLE

SECURITY DESK1 MIN READ
FRI, MAY 29, 2026

■ AI-SUMMARIZED FROM 1 SOURCE ▸ TIMELINE

Carnival Corporation acknowledged a data breach affecting nearly 6 million people, with the ShinyHunters extortion gang claiming responsibility in April 2026. The incident marks a significant security failure for the world's largest cruise line operator.

Carnival Corporation has officially confirmed the data breach after ShinyHunters publicly claimed the attack. The extortion gang's disclosure forced the cruise operator to acknowledge the incident affecting millions of passengers and employees. The breach exposed personal information tied to Carnival's operations across its multiple cruise brands. ShinyHunters, known for targeting large corporations and threatening to sell stolen data, demanded payment related to the attack. Carnival has not yet detailed specific information exposed in the breach or provided a timeline for customer notifications. The company operates multiple cruise lines globally, serving millions of passengers annually. This incident adds to a growing list of major data breaches in the travel and hospitality sector. Carnival has not disclosed whether it paid any ransom or the total financial impact of the breach.

■ SOURCES

Bleeping Computer

■ SUMMARY WRITTEN BY AI FROM THE LINKS ABOVE

■ MORE FROM THE SECURITY DESK

P706DDOS ATTACKS NOW SOLD AS SUBSCRIPTION SERVICES

Cybercriminals have transformed DDoS attacks into a polished, commercialized service complete with pricing tiers, customer support, and reseller programs. The DDoS-as-a-Service market has evolved from basic tools into sophisticated attack platforms.

9H AGOIndustry Desk
P704MICROSOFT THREATENS RESEARCHER OVER SECURITY DISCLOSURE

Microsoft faced backlash after threatening a security researcher with criminal investigation, reigniting debate over software vulnerability disclosure practices and corporate responsibility.

9H AGOSecurity Desk
P705CHROME ROLLS OUT SESSION COOKIE THEFT PROTECTION

Google is deploying Device Bound Session Credentials (DBSC) to all Chrome users, a security feature designed to prevent account takeovers by protecting session cookies from theft.

9H AGOIndustry Desk
P703DUTCH GOVT TAKES DOWN 17M-DEVICE BOTNET

Dutch authorities have dismantled a major botnet comprising 17 million infected devices and seized over 200 servers hosting the operation at a local provider.

9H AGOSecurity Desk

■ SUBSCRIBE TO THE DAILY BRIEF

ONE EMAIL, 5 STORIES, 06:00 UTC. UNSUBSCRIBE ANYTIME.

◄ BACK TO NEWS