memoak Posted March 4, 2020 #26 Share Posted March 4, 2020 Read closely it had to do with employee e-mails. You would ever send sensitive days over an e-mail Link to comment Share on other sites More sharing options...
Rare LMaxwell Posted March 5, 2020 #27 Share Posted March 5, 2020 On 3/2/2020 at 6:08 PM, bluesea321 said: Hi voljeep, were you notified about this today? I read the announcement and it states "between April 11 and July 23, 2019, an unsanctioned third party gained unauthorized access...." so I am wondering what took so long to notify affected customers. Wait until there is a much bigger problem going on and then announce. Look how little this is being discussed. Not even a sticky on this forum. One topic. Link to comment Share on other sites More sharing options...
Rare LMaxwell Posted March 5, 2020 #28 Share Posted March 5, 2020 On 3/3/2020 at 9:57 AM, 1Gizmo said: Some of questions about why did they wait so long? That notice was dated May of 2019. So it is not just being sent out. Yes it is. Princess just disclosed this week Link to comment Share on other sites More sharing options...
CruiseVA Posted March 5, 2020 #29 Share Posted March 5, 2020 As an ex-email admin, I've repeated this phrase many times over the past 40ish years, never, ever, send any information that you don't want exposed via email, it is inherently insecure by definition of the protocol. Link to comment Share on other sites More sharing options...
jb008 Posted March 5, 2020 #30 Share Posted March 5, 2020 Reading between the lines, they notified the people affected and put out a quiet public release. Why would a full fanfare press release be needed when some email accounts were compromised and the contents potentially accessed by a third-party. Sounds like a pretty minor breach, probably passswords reused by employees and breach stems from one of the big account credential leaks from a while back. Not really news imho Link to comment Share on other sites More sharing options...
Thrak Posted March 5, 2020 #31 Share Posted March 5, 2020 Likely only affects those who have a PVP. I can't see where anybody else would be involved. Link to comment Share on other sites More sharing options...
msw.delafield Posted March 5, 2020 #32 Share Posted March 5, 2020 For what it's worth, this from CNBC article online today. Sample Notification Letter attached “We take privacy and security of personal information very seriously, and we are offering affected individuals free credit monitoring and identity theft detection services,” Carnival said in sample consumer notification letter submitted to the California attorney general. Exhibit B - Sample Consumer Notification US-2 (Submitted).pdf Link to comment Share on other sites More sharing options...
TheRabbit Posted March 5, 2020 #33 Share Posted March 5, 2020 On 3/2/2020 at 4:39 PM, Cruise Raider said: I caught that 'employee email' statement ... that makes me feel better. Whew! There are also phone numbers to call. Has anyone done this? I like other never put this info in an email. I have put in partials and sent the balance via another system, but never all the info into one body. Link to comment Share on other sites More sharing options...
Rare Cruise Raider Posted March 6, 2020 #34 Share Posted March 6, 2020 12 hours ago, TheRabbit said: There are also phone numbers to call. Has anyone done this? I like other never put this info in an email. I have put in partials and sent the balance via another system, but never all the info into one body. I didn't call ... never sent any information except for my booking number and sail date into an email to Princess. I do closely monitor all my accounts. Of note, I also received this same notification from Holland America, but again, no sensitive information had ever been sent via email. Link to comment Share on other sites More sharing options...
Rare Cruise Raider Posted March 6, 2020 #35 Share Posted March 6, 2020 13 hours ago, msw.delafield said: For what it's worth, this from CNBC article online today. Sample Notification Letter attached “We take privacy and security of personal information very seriously, and we are offering affected individuals free credit monitoring and identity theft detection services,” Carnival said in sample consumer notification letter submitted to the California attorney general. Exhibit B - Sample Consumer Notification US-2 (Submitted).pdf 68.29 kB · 3 downloads Credit monitoring and identity theft detection is something that anyone can do on their own. It's the repair of your credit and identity, after the fact, that is crucial, which isn't covered by this free service. Just my 2 cents ... Link to comment Share on other sites More sharing options...
Thrak Posted March 7, 2020 #36 Share Posted March 7, 2020 15 hours ago, Cruise Raider said: Credit monitoring and identity theft detection is something that anyone can do on their own. It's the repair of your credit and identity, after the fact, that is crucial, which isn't covered by this free service. Just my 2 cents ... My Capital One credit card does this automagically. My credit rating is always available and they also do credit monitoring. Link to comment Share on other sites More sharing options...
Rare Cruise Raider Posted March 7, 2020 #37 Share Posted March 7, 2020 10 hours ago, Thrak said: My Capital One credit card does this automagically. My credit rating is always available and they also do credit monitoring. Many institutions do the monitoring for no charge. No need to have another company do it ‘for free’. Link to comment Share on other sites More sharing options...
Rare Steelers0854 Posted March 7, 2020 #38 Share Posted March 7, 2020 (edited) On 3/2/2020 at 7:28 PM, Sea Hag said: Since it was email accounts, everybody who has never sent their personal info to Princess via email ought to be fine. Ought to. In a reasonable world. I've never emailed mine, so unless Princess employees like to forward emails back and forth amongst themselves, I think I'll be fine. This was likely just a CYA thing, which is why its a notice posted to their website and not a wider messaging. Likely what happened, a couple of employees clicked links in emails they weren’t supposed to and gave the bad actor their credentials. It wouldn’t be limited to emails that YOU sent Princess, but what those respective employees sent internally to other employees, which is much more likely (depending on their position) to contain more personal information. That said, its likely its VERY limited information int the grand scheme of things. Most major companies archive all employee emails, so they likely have an idea exactly what was potentially compromised and posted this to cover themselves. Just my thoughts. Edited March 7, 2020 by Steelers0854 Link to comment Share on other sites More sharing options...
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now