Arizona to get $52K in settlement with Carnival Cruise Line over data breach
PHOENIX — Arizona will receive just over $52,000 as part of a multistate settlement with Carnival Cruise Line over a data breach.
The Florida-based company will pay out $1.25 million to 45 states for the data breach that involved the personal information of approximately 180,000 employees and customers nationwide, Arizona Attorney General Mark Brnovich said in a press release on Wednesday.
“It’s never smooth sailing when your personal information has been compromised,” Brnovich said in the release. “Carnival Cruise Line will now be running a tighter ship.”
Carnival Cruise Line in March 2020 reported that an unauthorized person gained access to e-mail accounts and the breach included names, addresses, passport numbers, driver’s license numbers, payment card information, health information and some Social Security numbers.
Brnovich said 4,849 Arizona residents were impacted by the breach.
A probe into the incident was launched after it was revealed the company reported the breach 10 months after it happened, Brnovich said.
The company was also required to conduct various tasks to strengthen its email security and incident response practices, such as training for employees, multi-factor authentication for remote email access, password policies, as well as the implementation and maintenance of a response and notification plan should a breach occur.