Carnival Corporation Discloses Data Breach Affecting Nearly 6 Million Guests
Carnival Corporation disclosed a data breach on May 27, 2026, after its IT security team identified unauthorized activity involving an employee account on April 14, 2026. An unauthorized actor used social engineering to gain access to a limited portion of the company's IT system, and personal information was determined to have been copied on April 22, 2026. The breach affected 5,995,277 individuals, with exposed data including names, addresses, email addresses, phone numbers, birth dates, driver's license numbers, and passport numbers.
Signal context
First seen: May 27, 2026
Last updated: Jun 25, 2026
Status: Public signal
Key points
- Carnival Corporation disclosed the breach on May 27, 2026.
- Unauthorized activity detected on April 14, 2026, involving an employee account.
- Social engineering used to gain access to IT system.
Signal analysis
BetaThis analysis groups the signal by industry, likely incident action and impacted security area. It helps compare this signal with other published signals without treating the labels as final determinations.
Sector: Retail Trade
Likely country: Location not provided
The feed marks multiple actor roles. Treat this as a review signal rather than a final attribution.
- Source type: outside the affected organization
- Source type: possible insider or internal misuse
Impact area: Confidentiality
Likely asset: User or customer data
- 3 signals in the same sector
- 95 signals with the same likely impact area
- 2 signals linked to this organization/domain
External sources
Substitute Notice May 27, 2026 - Carnival Corporationhttps://www.carnivalcorp.com/static-files/carnival-corporation-notice-of-data-breach-may-27-2026.pdfPublic source from carnivalcorp.com.
Biggest Cyber Attacks, Data Breaches, Ransomware Attacks of May 2026https://www.cybermanagementalliance.com/biggest-cyber-attacks-data-breaches-ransomware-attacks-may-2026/Public source from cybermanagementalliance.com.
'A serious matter:' Texas AG Ken Paxton launches investigation into Carnival Cruise Line data breach - WFAAhttps://www.wfaa.com/article/news/business/texas-ag-ken-paxton-investigation-carnival-cruise-line-data-breach/287-3474642b-5131-4029-923f-42714080922fPublic source from wfaa.com.
The Data Breach Brief: Week of May 27th, 2026https://www.forthepeople.com/blog/data-breach-brief-week-may-27th-2026/Public source from forthepeople.com.
Related signals
Grouped by why the signal is relevant.
Carnival Corporation Detects Data Breach Affecting 6 Million Individuals
Carnival Corporation detected unauthorized activity involving an employee account on April 14, 2026. A social engineering attack deceived an employee, granting an unauthorized actor access to a portion of the company's IT system and allowing them to copy personal information. The breach affected an estimated 6 million people, with compromised data potentially including names, addresses, emails, phone numbers, birth dates, driver's license numbers, and passport numbers.
Xsolis Data Breach Affects Nearly 1.4 Million Individuals
Healthcare technology company Xsolis disclosed a data breach impacting approximately 1.4 million individuals. The incident stemmed from a targeted phishing attack on January 20, 2026, which led to unauthorized access to a limited portion of the Xsolis environment. Exposed data includes names, dates of birth, Social Security numbers, health insurance information, and medical treatment information. Xsolis provides AI-powered solutions for healthcare providers and payers.
Data Breach Hits Over 100 Dutch Hotels via Shared Booking Software
Hospecs, a Dutch hospitality services firm, confirmed a data breach affecting at least 100 Dutch hotels, with reports also coming from Belgium and Ireland. The breach exposed guests' contact details and reservation information, which criminals are using for phishing attacks.
First Advantage Corporation Data Breach Exposes SSNs and Driver's Licenses
First Advantage Corporation, a global background screening company, experienced a cybersecurity incident in November 2025. An unauthorized actor gained access to a single employee's email inbox within its Drug & Occupational Health Screening Unit through a sophisticated phishing attack. The attacker downloaded the contents of the inbox, potentially exposing sensitive personal information for 4,669 individuals. This data included names, Social Security numbers, driver's license numbers, email addresses, and passwords to Profile Advantage accounts. First Advantage began notifying affected individuals on or about May 29, 2026.
Trump Mobile Confirms Customer Data Exposure
Trump Mobile confirmed on May 22, 2026, that a security lapse exposed customers' personal information, including phone numbers and home addresses. This incident increases the risk of identity theft, phishing campaigns, and targeted fraud against affected users.
City of Aurora loses $1.1M in phone scam cyber attack
The City of Aurora lost approximately $1.1 million from city bank accounts after an employee fell victim to a phone-based social engineering scam. Attackers gained access to city bank account information and fraudulently transferred public funds.