Carnival (NYSE:CCL) announced yesterday that earlier this week, it detected a ransomware attack on one of its brands that accessed and encrypted its information technology system. The company did not name the brand, but said that some of its data files were downloaded.
The company said it believes personal data of its guests and employees were accessed in the attack. Carnival said it immediately reported the incident to law enforcement, and an investigation is ongoing.
The cruise operator has seen its business come to a halt due to impacts from the coronavirus pandemic. In its most recent quarterly earnings report, the company said it expects an average monthly cash burn rate of $650 million for the second half of 2020. The company has joined the industrywide plan to suspend U.S. operations through at least Oct. 31.
Carnival has been trying to get some of its international operations restarted, however. In early August, it had plans to begin sailing its AIDA line in Europe. But it did not get the expected approval from the Italian government, and departures scheduled for between Aug. 5 and Aug. 12 had to be canceled.
The recent ransomware attack comes after the company finally had some much-needed good news to report on the operations front: It announced AIDA cruises would resume from Germany on Sept. 6, 2020.
Of the cyberattack, Carnival says it is working with "industry-leading cybersecurity firms," and it does not currently believe the attack "will have a material impact on its business, operations or financial results."