Norwegian Cruise Line experiences data breach of travel agents records

Unfortunately for people impacted by the COVID-19 pandemic, cybersecurity breaches are one thing that has not ceased. Hackers, if anything, are more motivated than ever to take advantage of networks that might be more at-risk due to stay-at-home orders, and additionally, preying upon people’s fears to create phishing emails loaded with malware. It is this reality that the Norwegian Cruise Line is now uncovering thanks to research done by DynaRisk.

In a blog post on its website, DynaRisk has detailed a data breach that has made its way to the Dark Web:

On 13 March 2020, DynaRisk’s intelligence team discovered a breached database belonging to Norwegian Cruise Line. After verifying that the data records are legitimate credentials, we notified a Norwegian Cruise Line representative immediately. Despite opening our message later that day, we received no response. After five days a representative responded to our team to discuss the breach; as yet, we do not know if the travel agents on the list have been notified of the breach.

The information in question was found on hacking forums that are often used to propagate stolen data. The data specifically consists of clear-text passwords and email addresses belonging to 27,000 travel agents, many of whom are affiliated with major companies like TUI and Virgin Holidays. The data in question is used by travel agents to log-in to the agents.ncl.eu website, which acts as a portal for Norwegian Cruise Line.

As DynaRisk notes, with the travel industry at a standstill during the coronavirus outbreak, travel agents, in particular, are at a higher risk of cyberattacks. Researchers specifically state this is due to them being “exposed to account takeovers on numerous platforms, sophisticated phishing emails, and fraud which could put further pressure on large travel agents or worse still, put smaller agents out of business.” This incident with Norwegian Cruise Line is hardly an isolated incident.

Things are going to be this way for a while, so it is up to security professionals to keep the public informed. Additionally, travel industry professionals should be on high alert and on the lookout for any nefarious schemes.

Featured image: Flickr / Roel Hemkes

Derek Kortepeter

Derek Kortepeter is a graduate of UCLA and tech journalist that is committed to creating an informed society with regards to Information Security. Kortepeter specializes in areas such as penetration testing, cryptography, cyber warfare, and governmental InfoSec policy.

Share
Published by
Derek Kortepeter

Recent Posts

Microsoft Teams: Pros, cons — and should you switch from Slack or Zoom?

Microsoft Teams is a popular collaboration tool that comes with a host of features. So,…

4 hours ago

Top 6 Kubernetes acquisitions of 2020 and why they happened

Kubernetes-related acquisitions were big in 2020, and here’s a look at the biggest of the…

9 hours ago

Apple macOS Big Sur released: Everything you need to know

New macOS Big Sur is a major upgrade with an overhauled top-to-bottom redesigned interface along…

3 days ago

Azure DNS: How to build and secure it using infrastructure-as-code

You’re only as strong as your weakest link. Here’s how to boost security by moving…

3 days ago

Exchange 2019: Managing your distribution groups with PowerShell

Managing Exchange 2019 distribution groups is an important part of any Exchange admin’s duties. Here’s…

4 days ago

Americold taken down by likely ransomware attack

Cold-storage provider Americold, one of nation's oldest companies, has been hobbled what many experts say…

4 days ago