Ransomware is a type of malicious program used by hackers to take control of files in an infected system and then demand hefty payments to recover them.
The major breach could have also impacted some of the company’s other brands, which include Carnival Cruise Line, Princess Cruises, P&O, Cunard, Holland America Line, Seabourn, Costa Cruises, AIDA Cruises and Cunard.
In a statement, Carnival said that while it found no other brand’s IT systems to have been attacked “there can be no assurance that other information technology systems of the other Company’s brands will not be adversely affected.”
An investigation is now ongoing with law enforcement and legal teams to determine how the attack took place.
READ MORE: Two cruise ships in quarantine in Italy after coronavirus outbreaks
The cruise line has also said it is working with “industry-leading cybersecurity firms” to respond to the threat, defend Carnival’s IT systems and start remediation.
“While the investigation of the incident is ongoing, the Company has implemented a series of containment and remediation measures to address this situation and reinforce the security of its information technology systems,” read a legal filing by the cruise operator.
“The Company is working with industry-leading cybersecurity firms to immediately respond to the threat, defend the Company’s information technology systems, and conduct remediation.”
Though the firm does not believe the attack will not have “material impact’ on its business operations or financial results, it has expressed concerns that guests and staff who have had data stolen may file claims.
Quarantine UK: Which countries have the highest infection rates? [MAP]
Spain holidays: New rules hit tourist hotspots [INSIGHT]
Greece holidays: Bars and restaurants hit with new curfew [UPDATE]
“We expect that the security event included unauthorised access to personal data of guests and employees, which may result in potential claims from guests, employees, shareholders or regulatory agencies,” it said.
Personal data may include things such as name and address, as well as payment information.
Express.co.uk has contacted Carnival for additional comment on the cyber attack.
Kate Bevan, Which? Computing editor, said: “Carnival customers will be alarmed that their data could have fallen into the hands of hackers who might try to exploit it, so it is vital that the company is now transparent and upfront with potential victims and supports them in taking measures to protect themselves
“For anyone concerned they could be affected, it’s important to change any passwords you think might have been compromised – and keep a careful eye on bank accounts and credit reports. Also, be wary of emails or fake ‘customer support’ popping up on social media regarding the breach, as scammers may try to take advantage of it.”
It comes amid an ongoing struggle for the cruise industry, with many cruise lines continuing to halt operations as the pandemic rages on.
The outbreaks resulted in a number of deaths, as well as hundreds of holidaymakers being stranded at sea.
The Diamond Princess became one of the worst coronavirus incidents onboard a cruise ship to date.
More than 700 people tested positive for the virus, with 13 fatalities as a result.
The Grand Princess then suffered its own outbreak, resulting in around 100 cases and two fatalities.
The Holland America Zaandam was then struck, with 190 passengers showing flu-like symptoms and four deaths by the time it docked in April.