Industry Leader Reaction To Princess Cruises Admits Data Breach

By   ISBuzz Team
Writer , Information Security Buzz | Mar 16, 2020 03:04 am PST

It has been reported that Princess Cruises, the cruise liner forced to halt its global operations after two of its ships confirmed on-board outbreaks of Coronavirus, has now confirmed a data breach. The notice posted on its website, believed to have been posted in early March, said the company detected unauthorised access to a number of its email accounts over a four month period between April and July 2019, some of which contained personal information on its employees, crew, and guests. Princess said names, addresses, Social Security numbers, and government IDs — such as passport numbers and driver’s license numbers — may have been accessed, along with financial and health information.

Notify of
2 Expert Comments
Oldest Most Voted
Inline Feedbacks
View all comments
Jason Kent
Jason Kent , Hacker in Residence
InfoSec Expert
March 16, 2020 11:08 am

With a continuing uptick in automated attacks that leverage fraudulent and misused credentials, it\’s becoming more difficult for organizations to detect breaches without understanding more about the transactions that are happening throughout our networks. It\’s important that security teams are able to continuously monitor for anomalous behaviors, be able to assess the intention of the action, and have the ability to take swift action to stop bad actors. Detection is hard, but mitigation can often be harder without the right set of security tools.

Last edited 3 years ago by Jason Kent
Jonathan Knudsen
Jonathan Knudsen , Senior Security Strategist
InfoSec Expert
March 16, 2020 11:06 am

News of the data breach at Princess Cruises makes one thing perfectly clear: all businesses are software businesses. Regardless of specifics, software is part of the underlying critical infrastructure that supports every business.

Businesses of all types are realising that software is critical infrastructure. When software fails, the consequences can be severe, ranging from inconvenience and expense all the way up to reputation damage and loss of business continuity.

A proactive, security-forward culture is the best way to minimise risk. This means thinking about security in all initiatives, large and small. Ongoing security education is important, but it is just as important to incorporate security into the design of network infrastructure, internal software systems, and business processes, not to mention making security a first-class citizen when procuring software and systems.

Last edited 3 years ago by Jonathan Knudsen

Recent Posts

Would love your thoughts, please comment.x