[BreachExchange] Norwegian Cruise Line Suffers Data Breach

[Destry Winant]

https://www.infosecurity-magazine.com/news/norwegian-cruise-line-suffers-data/

A major cruise operator has suffered a data breach as the travel
industry battles the storm created by the COVID-19 outbreak.

Information from a database belonging to Norwegian Cruise Line was
discovered on the dark web by an intelligence team at DynaRisk on
March 13.

Data exposed in the incident included clear text passwords and email
addresses used to log in to the Norwegian Cruise Line travel agent
portal by agents working for companies including Virgin Holidays and
TUI.

DynaRisk said data relating to 29,969 travel agents was breached from
the portal on the agents.ncl.eu website on March 12.

"After verifying that the data records are legitimate credentials, we
notified a Norwegian Cruise Line representative immediately. Despite
opening our message later that day, we received no response. After
five days a representative responded to our team to discuss the
breach," said a DynaRisk spokesperson.

DynaRisk said that the incident left agents who were "already
vulnerable at this time" at higher risk of cybercrime.

A DynaRisk spokesperson said: "They are now exposed to account
takeovers on numerous platforms, sophisticated phishing emails and
fraud, which could put further pressure on large travel agents or
worse still, put smaller agents out of business."

Norwegian Cruise Lines told Infosecurity Magazine: “It has recently
come to our attention that the agents.ncl.eu website may have been
compromised. In an abundance of caution, we are in the process of
asking certain travel partners that may have been affected to change
their password for the site and any site for which they may have used
the same password, and to remain vigilant of any suspicious activity
or emails.

"We believe limited personal information was involved, specifically
names of travel agencies and business contact information such as
business addresses and email. This appears to be a unique and isolated
incident that involved only a regional travel partner portal which
houses marketing materials and educational information and did not
involve guest data. We are deeply committed to protecting the security
and confidentiality of information and regret any concern this matter
may have caused."

Norwegian is the third cruise line this month to hit the cybersecurity
headlines. Princess Cruises and Holland America Line both reported
being hacked on March 2.