Likely NCL Data Breach (within 2 years or so). Be careful.

[Shawnino]

Sorry if someone else has already posted a similar experience and thois is "old news".

 

I was sifting through my Junk mail folder when I came upon one of those silly phony-blackmail letters demanding to be paid in Bitcoin. Basically the upshot is that the sender claims to have access to your e-mail account, computer, etc. and if you don't pay up a certain amount of Bitcoin, he will ruin your life. My blackmailer demanded $782 worth. Whatever. I get one of these a week.

 

What made this one different was that as 'proof', the blackmailer told me that he first got access to my e-mail account when my e-mail password was (x------x). 

That has never been a password on any of my e-mail accounts, so the blackmailer is clearly lying.

(x------x), however, corresponds to the number of a recently expired passport of mine.

 

I know with absolute certainty that the only time I've entered that particular passport's details online was to do the NCL pre-check-in. 

 

Could the passport number have been retrieved from somewhere other than NCL's site?  

It's possible, but it's very unlikely. It's not my primary travel document and I seldom used it to cross borders. I never use it in conjunction with airline tickets, hotel reservations, or what have you.

When I replaced it, I watched the Immigration official destroy it.

 

So look: be careful out there. There's no cause for panic, at least not yet. This idiot doesn't even realise what he stole (or bought, or whatever). It is somewhat disconcerting that if he puts together the name with the address and figures out he has a passport number he could try to reconstitute a passport. (I'm not so nervous for myself: that passport expired.) Without a photo, I don't know how much value that has. 

 

But I'm going to call NCL tomorrow and ask them to clear the passport number out of their database, in case the breach is ongoing. You might want to do the same.

 

 

[calmpets]

I don't think they keep that number on file past your sail date. If they did, I would assume I wouldn't have to enter it from scratch every time I do an online checkin. Please post after you've talked to them, and good luck!

[BirdTravels]

Your passport is provided to every port you have ever visited or foreign airport you transited. 

[zqvol]

Just as much chance that they hacked the State Department database, as the NCL database.

[Socalev]

Didn't Marriott have a breach that exposed passport numbers?  

[shof515]

this is why you need to use a unique password for each site you use and try to use two factor authentication for you main email and any other services that offer this protection (gmail and outlook mail is the two i use)

[Shawnino]

13 hours ago, BirdTravels said:

Your passport is provided to every port you have ever visited or foreign airport you transited. 

 

There's no reason for it to be provided in a pairing with my e-mail.

[Shawnino]

13 hours ago, zqvol said:

Just as much chance that they hacked the State Department database, as the NCL database.

 

I don't think State would have that e-mail address on file, at least not paired to the passport. 

[Shawnino]

13 hours ago, Socalev said:

Didn't Marriott have a breach that exposed passport numbers?  

 

I'm not sure what the Marriott breach covered.

In my own case, I've never provided that passport to a hotel.

[Itchy&Scratchy]

I have no idea what my passport number is... So, if somebody would have sent me the number as a password, I wouldn't have guessed as to what that number represents.

[pfopma]

Most European hotels also ask to see your passport. Not sure what they do with it but if the number is input into their systems that could be where a breach occurred. 

[Shawnino]

I was told my request would be passed on to IT, the end.

[fshagan]

On 2/3/2019 at 11:38 AM, Shawnino said:

I know with absolute certainty that the only time I've entered that particular passport's details online was to do the NCL pre-check-in. 

 

Could the passport number have been retrieved from somewhere other than NCL's site? 

 

Have you done a malware / virus scan lately? It could be a man-in-the-middle attack with malware on your computer that is sniffing your passwords. A passport number is "personal information" so it should be stored encrypted on their servers, but I have no idea how well NCL does in this regard.

 

I haven't heard of any NCL data breeches. It's very hard to detect them with databases with wide access so your report to them does help. If they get enough reports they will look into it. Usually the companies realize there's been a breech when the database is published or sold somewhere online, then they can figure out the time line, then they can identify the accesses that constitute the breech. 

 

[Shawnino]

3 hours ago, fshagan said:

 

Have you done a malware / virus scan lately? It could be a man-in-the-middle attack with malware on your computer that is sniffing your passwords. A passport number is "personal information" so it should be stored encrypted on their servers, but I have no idea how well NCL does in this regard.

 

I haven't heard of any NCL data breeches. It's very hard to detect them with databases with wide access so your report to them does help. If they get enough reports they will look into it. Usually the companies realize there's been a breech when the database is published or sold somewhere online, then they can figure out the time line, then they can identify the accesses that constitute the breech. 

 

 

I run virus stuff semi-regularly, when entering personal info/cc I tend to use a vpn. I likely could do much better.

 

Anyway let's hope they figure it out.