Norwegian Cruise Line hacked; customers’ personal data leaked

Thousands of tourists worldwide could have been hit by a data breach on Norwegian Cruise Line, one of the world’s leading cruise lines. According to the reports, the email addresses, with their respective passwords, of almost 27,000 travel agents were compromised during this incident due to a database exposed on the Internet. The information has already begun to appear on various hacking forums.

The report was prepared by security specialists from DynaRisk, who mention that “the data was compromised from Norwegian Cruise Line’s travel agent portal on March 12; compromised information includes email addresses and passwords in clear text.” In addition, the researchers mention that this information is used by affected travel agents to log in to the cruise line platform.

A spokesperson from Norwegian Cruise Line mentioned on the issue: “We received a report stating that the website agents.ncl.eu could have been compromised. As a security measure, we decided to temporarily disable the website. It should be noted that this site is not related to the main NCL network”.

The spokesman added that access to the compromised database has already been disabled. In addition, as an additional precaution, some potentially affected travel partners have been asked to reset their passwords to access this platform.

Among the cybersecurity community, these kinds of incidents are known as “credential dumps”, and are unfortunately a common practice. The good news is that the frequency with which these incidents occur has improved companies’ ability to implement cybersecurity crisis management plans, such as resetting potentially compromised access credentials.

These kinds of incidents are compounded when affected users use the same passwords to access different online platforms, as threat actors could perform credential-filling attacks to try to access email accounts, Social media profiles and even business platforms using the stolen information, so it is essential to use a unique password for each website we visit. Implementation of monitoring systems is also recommended, as these tools make it possible to detect security threats in real time.