Sorry, I thought I was clear in my post.
I did book my mother myself several months ago with our travel agent.
She has her own computer and randomly went online to find out information regarding our booking - information I had already provided to her. She went online and clicked to chat with some site thinking that it was Celebrity but it was some random travel agency - and they emailed her back our cabin #s. We are fortunate that it does appear to be a legit travel agent, just not OUR travel agent.
My biggest concerns are wondering what information does anyone (not just my elderly mother) need to provide a travel agent with in order for them to pull up our cabin #s and provide them to someone claiming to be the individual. If it is just merely by sail date and ship and first and last name, as someone suggested in response above, that's a security red flag in general.
My secondary concern is that my elderly mother may have provided our DOB along with first and last names and/or address and other personal info -- which is the huge red flag regarding my mothers general day-to-day actions on her computer. It may be time to restrict her access to the internet and ability to do online chats or go to certain websites - similar to child-level computer access restrictions f- or her own protection and ours.
Thanks to everyone who responded!