Still Awaiting A Full Explanation from Silversea Management

[taxatty]

4 hours ago, UKCruiseJeff said:

To the issue of this thread and the discussion about what has or may have happened at SS with respect to the extended outage of IT and phone systems.

 

From what I read, the early explanations was (a) a fire drill and (b) a series of IT decisions to PROTECT the systems from a possible future attack. 

 

No business shuts down for some weeks for a fire drill. What normally happens in a well-ordered company is that when you have a fire drill you never shut down everything from everyone outside particularly in a business that has SS's obligations with a world-wide travelling customer base, but instead the most senior people who have done many fire drills and who prefer to keep seated rather than run to the car-park are left to man the system and all those that are still learning to shave or do make up go and stand in their alloted space in the rain and in their allocated space in the far end of the car park waiting to see the pretend flames die down and have their name checked off the list and be told by people wearing day-glo plastic jackets that the pretend fire has been put out and it is now safe to go back to pretend to work.

 

The second explanation provided by a SVP was that it was to prevent an issue and that it would all be done and dusted in a few hours.  "Move on, move on their is nothing to see here".  This seemed odd when originally suggested and whatever/whatever it clearly is illogical and didn't turn out could never have turned out to be true.  So it was untrue. People tend not to advertise that they plan to attack as warning people tends to negate the whole point of the attack.

 

The scenario that most fits what happened is that SS hadn't paid for anti virus / anti ransomware on all it's workstations.  What also fits is that it didn't have an operational and fully stress tested roll back system which normally involves an overnight backup of the whole shebang plus hourly updates during the day of all critical systems so that you can in a day or to of frenetic activity and a load of running around and shouting and excuse making and soothing assurances  roll back the system to the last known safe point.  All robust and sensisble IT systems have been doing this for over 30 years or so and only the slower learners or confused still get caught out.

 

The scenario that most fits is that someone opened googling away at stuff then opened an email that contained a bit of ransomware on an unprotected workstation that then immediately went through the whole inadequately protected sysyem.  This nudged a ransomn demand for a large sum of bitcoin which was rejected and everyone since has been frantically trying to work out what to do next.

 

My theory.

 

Jeff

I can assure you from various personal experiences that SS may have had the best and most recently updated anti-virus and anti-ransomware software and link-blocking hardware installed on all of its servers and workstations, but all it can take to still bring the whole system down is for one person to unknowingly click on one bad phishing link. Nothing is 100% perfect for blocking malware.

[cruiseej]

On 9/10/2021 at 6:42 PM, Observer said:

You do not state how or whether you were personally affected by the outage.  I was not...

 

On 9/10/2021 at 6:42 PM, Observer said:

If guests data were compromised, I agree that there should be notification.  But I know of no evidence that such was the case.

 

Part of the point is that you, or I or any of us, don't know for certain what was or was not affected. If no personal data whatsoever was compromised, that's great -- but whenever a company has been hacked, and in this case took the rather extraordinary step to take their systems offline for two weeks, people worry if any of their data was stolen. They have names, addresses, email addresses, phone numbers, passwords, passport numbers, birthdates, travel history, etc. Apparently you don't have a concern about whether any such data was stolen, but I believe most people do. So for those of us who do, a statement about how their systems were compromised, what they found, and a reassurance that no data was stolen would be a welcome -- and I'd say expected -- resolution. (One lingering question I have, for instance is: if no customer data at all was stolen or compromised, why did they force us to create new passwords to log into the system after the outage?) Many other companies have been hacked, and it's pretty common for them to issue a statement to inform their customers what, if any, of their data was seen by the hackers.

 

As to whether or how people were affected by the outage, I think it runs a broad spectrum. You're right that many Silversea customers may not have tried to log onto their site over those two weeks and might be completely unaware there was a problem. (But they will be puzzled whenever they try to log into the website and find they must create a new password.) On the other end of the spectrum, there were people who were departing for cruises during or just after the outage who were for a time unable to reach Silversea customer service for details concerning their trip, from boarding passes to airline flight information to making payments due during the outage. Reading the comments posted here, and more so on Facebook, for some people this was a source of significant stress/worry/concern. In the middle were people (I'm in this group) who were trying to access the site to plan a cruise, trying to contact their SS representative to book or alter a cruise booking, or trying to book excursions, dining or spa appointments on upcoming cruises.

 

You say "I have no reason to receive an apology"; I would say that for those people who were inconvenienced, whether in a minor way or a more significant way, a simple apology with an explanation  would be good customer relations.

 

On 9/10/2021 at 6:42 PM, Observer said:

More generally, my experience has been that that the ‘top brass’ in the Silversea have regard for their clients.

 

I don't think anyone (or most people) have said that they don't care about their clients. They were faced with a major crisis -- for the first period, they couldn't communicate with their ships at sea or their staff or their customers -- and their business was in many ways closed for a week or more. I can appreciate the problems, the stress and the inconveniences this created for Silversea management across two continents. I have no doubt that they worked as quickly as they could to deal with and resolve the problem, and I applaud them for successfully resolving it. But I do think it would be appropriate for them, now that the problem is apparently in the rearview mirror, to issue a statement to their customers about why they were shut down for so long and assuring us no customer data was stolen.

 

5 hours ago, UKCruiseJeff said:

From what I read, the early explanations was (a) a fire drill and (b) a series of IT decisions to PROTECT the systems from a possible future attack. 

 

It was never about a fire drill.  (There may have been an automated message in the UK office, but no one claimed it was actually a fire drill.) Even from the beginning, Barbara Muckermann posted on FB that they had shut down their systems to thwart an attack.

 

Other SS posts on Facebook seem to indicate it was a phishing email which caused the problem. I think the ransom demand hypothesis is plausible, but is only speculation. There are problems malware can cause other than a ransom demand.

 

As for restoration, since we don't know exactly what occurred, it's hard to say they they should have been able to roll back to a day-before backup of their servers and be up and running. Perhaps it was several days or longer before they discovered the problem. For instance, someone at a desktop somewhere could have clicked on an email containing a phishing scam and not known it, or not reported it, until it showed up on other people's computers. And it's not just a matter of restoring the servers, but cleansing/restoring/wiping-and-reinstalling every desktop and laptop used by everyone in the company, to make sure the malware wasn't still installed somewhere waiting to re-infect their network. I agree that two weeks seems like a long time, but it's not out of reason depending on the nature of the attack.

 

That all said, it brings me back to my original point, which is that what's been missing here is transparency from Silversea. Now that the problem has been resolved, why has there been no statement to apologize for any inconvenience customers may have experienced, and more importantly, to assure us that absolutely no customer information was accessed?

Edited September 13, 2021 by cruiseej

[RJ2002]

I count three apologies in the original Silversea statement, which was posted on August 26 by LauraS.  

 

IMPORTANT MESSAGE: From Silversea Cruises

 

We've been asked to share this message from Silversea Cruises.  It appears below in it's entirety and unedited in any way:

 

We apologize as we are currently experiencing a system outage. Our technology team is working urgently to resolve this issue and we will provide an update as soon as we have additional information on the restoration timeline. We sincerely apologize for this interruption and inconvenience.

 

For urgent matters and guests sailing in the next 7 days, please reach us via direct or private message on our social media channels.

 

If you are in transit to or from one of our vessels, have air booked with Silversea, and are experiencing an air travel-related emergency, you may contact +1-786-275-7089. For all other inquiries, please contact us via social media direct or private message.

 

For enquiries regarding final payment on existing bookings, please note that the Early Booking Bonus deadline has been extended to September 3rd, 2021. Our Reservations team will get directly in touch with travel agents and booked guests in the next few days.

 

We sincerely apologize for the inconvenience.

[cruiseej]

Yes, they apologized in that posting, which was when their systems first went down. There was nothing after the situation was resolved two weeks later.

 

That was also posted only on Facebook, which many people don't use and didn't see. Why not send an email to customers, and/or add a link on their website?

 

Barbara Muckermann on Facebook promised a full explanation to customers once they had completed their investigation. That has not yet been forthcoming.

 

And finally, and most important I think, they have not yet said anything official to indicate that they have ascertained that absolutely no customer data was seen/stolen/compromised in this incident. If that's correct, then it should be easy to say so, put people's minds at ease, and put a firm period on this incident. 

[Gourmet Gal]

I have posted earlier and another poster reported the same that what actually happened was a phishing email was opened and infected at least one system so everything was shut down to ensure the virus didn’t affect other areas.  I was told this by a customer service rep and the other poster was told that by an SS exec.  Doesn’t sound like ransomeware but at the least they’re sticking to their story.

Edited September 13, 2021 by Gourmet Gal
More thoughts.

[ronrick1943]

Unless your personal information was exposed- I don’t think I need a detailed explanation from Silversea.  

[cruiseej]

22 minutes ago, ronrick1943 said:

Unless your personal information was exposed- I don’t think I need a detailed explanation from Silversea.  

 

I don't need, and I don't think any of use are asking for, a detailed explanation about who pressed the button to open the phishing email (if that's what happened) and everything that transpired thereafter. A one paragraph description could explain that they detected malware on a computer in their network, that they decided to shut all their systems down to prevent it from spreading or compromising their data, that they went through a meticulous process to insure every computer and server in the company was clean of malware, and that after reviewing the logs of their servers, they are completely confident no customer data was seen/stolen/compromised before they shut down for safety.

 

And yes, I would like to see some statement which tells me authoritatively that none of my personal information was exposed; that's all I'm really saying I expect from them. In fact, the chief customer officer promised a statement once they completed their work; that's what I'm waiting for. The details of who did what and when, and how they checked and cleansed their computers is detail we neither need or expect.

[chrism23]

For Jeff, CruiseeJ and others.  As I mentioned above I am very vested in this discussion.  My first observation is that I know of zero cases where a major corporation has been crippled by ransom ware or viruses for this long.  Such happenings are usually resolved in days at the most, not weeks as is the case here.  That scenario just doesn't wash.  Second, and this is what puzzles me is why Silversea is risking its brand's reputation by this continuing debacle.  In my case, as I stated previously my cruise consultant is  out ill.  I hope he is not very sick.  He has handled 4 soon to be 6 cruises for me and his work as been stellar.  My previous 2 cruise consultants at Silversea have also been great.  I will name names here, I worked with Erica Weinstien and Andrew Ironstone both of whom have left the company.  As of this monument my wife and I have sent At least 6 emails and close to a dozen phone calls to the individuals identified as filing in for him and all have gone without acknowledgment.  Even an email to probably the much beleaguered Barbara Muckerman didn't even get even a form or auto response.  In short, after nearly 2  weeks of trying I have yet to hear anything from anyone there.  

 

I don't have the exact figures but I remember that Silversea once ranked first among high end cruise lines in customer loyalty and repeat business.  I note many of the names above who have contributed to this thread I have sailed with in the past.  This is relatively a tight knit group who I imagine have put millions of dollars in Silversea's pockets over the last 5 years or so.  I can't imagine that someone at Silversea does not monitor this cruise critic site, someone should be reading this right now, and realize the growing discontent among its most regular clients.  

 

I surmise that Silversea is short staffed as a result of the impact of Covid on South Florida.  But even given that cannot excuse the now callous disregard they are showing to many of their most loyal clients.  I frankly don't have the remotest clue as to why this is happening.  I have not gone to the Facebook site looking for explanations because it has always seemed a fan site devoid of real insight and critical information.  As soon as anyone really finds out the explanation for this situation I would hope they would post it here.  In the mean time I remain, and I like this word, flummoxed.  Cheers all.  Chris

[Observer]

13 minutes ago, chrism23 said:

 As of this monument my wife and I have sent At least 6 emails and close to a dozen phone calls to the individuals identified as filing in for him and all have gone without acknowledgment.  

 

Why do you insist on trying to reach these specific people?

 

As I pointed out in a message to you earlier on this thread, the SS consultants freely cover for one another.  If your consultant is ill or on vacation or otherwise unavailable, any consultant can assist you.  In my earlier post on this thread I suggested concrete steps you can take.  I quote:

 

The consultants cover for one another.  Just call 800 682 8517 and don't put in an extension number.  I have had wonderful service from consultants who were covering for my absent consultant.  I simply explain (as they can see) that my consultant is so-and-so and s/he is away.

 

Are you saying that you tried this approach and the consultant you reached said s/he would not assist you?

 

 

[RetiredandTravel]

I cant count the number of times our personal information has been hacked (stolen).  We have a quality identify theft product and  are diligent checking personal credit information and online information (dark web).  In this case I'd change my password and the password to any other site that is the same.  Not much else you can do.

[Gourmet Gal]

1 hour ago, chrism23 said:

For Jeff, CruiseeJ and others.  As I mentioned above I am very vested in this discussion.  My first observation is that I know of zero cases where a major corporation has been crippled by ransom ware or viruses for this long.  Such happenings are usually resolved in days at the most, not weeks as is the case here.  That scenario just doesn't wash.  Second, and this is what puzzles me is why Silversea is risking its brand's reputation by this continuing debacle.  In my case, as I stated previously my cruise consultant is  out ill.  I hope he is not very sick.  He has handled 4 soon to be 6 cruises for me and his work as been stellar.  My previous 2 cruise consultants at Silversea have also been great.  I will name names here, I worked with Erica Weinstien and Andrew Ironstone both of whom have left the company.  As of this monument my wife and I have sent At least 6 emails and close to a dozen phone calls to the individuals identified as filing in for him and all have gone without acknowledgment.  Even an email to probably the much beleaguered Barbara Muckerman didn't even get even a form or auto response.  In short, after nearly 2  weeks of trying I have yet to hear anything from anyone there.  

 

I don't have the exact figures but I remember that Silversea once ranked first among high end cruise lines in customer loyalty and repeat business.  I note many of the names above who have contributed to this thread I have sailed with in the past.  This is relatively a tight knit group who I imagine have put millions of dollars in Silversea's pockets over the last 5 years or so.  I can't imagine that someone at Silversea does not monitor this cruise critic site, someone should be reading this right now, and realize the growing discontent among its most regular clients.  

 

I surmise that Silversea is short staffed as a result of the impact of Covid on South Florida.  But even given that cannot excuse the now callous disregard they are showing to many of their most loyal clients.  I frankly don't have the remotest clue as to why this is happening.  I have not gone to the Facebook site looking for explanations because it has always seemed a fan site devoid of real insight and critical information.  As soon as anyone really finds out the explanation for this situation I would hope they would post it here.  In the mean time I remain, and I like this word, flummoxed.  Cheers all.  Chris

I was also very suspicious of what was going on and thought it took a long time to remedy but I have been given the explanation and have already posted it here as has another poster.  An SS cruise consultant told me it was a phishing email that was opened and a virus infected at least one system so they shut everything down to prevent further problems.  At least one other poster reported the same.  That doesn’t explain why it took so long to remedy the issue nor does it explain your difficulty in connecting.  Just call the main line and ask for any consultant and they should be able to assist. The initial issue seems to have been resolved.

 

Yes, it is true that the regular posters here represent a big volume to SS but CC in general is utilized by a relatively small number of total cruisers of any one line.  I am sure most lines probably monitor these forums but in the age of Covid they are probably short-staffed and have to prioritize.

 

Do you work in enterprise software?  What further explanation are you seeking?

[cruiseej]

7 hours ago, Gourmet Gal said:

An SS cruise consultant told me it was a phishing email...

 

When a company is shut down for nearly two weeks, I do not believe that a low-level front-line phone rep's response to you and posted by you here should be the official corporate response. I find it unprofessional and unsatisfactory from a company which maintains a great deal of our personal information. Additionally, the Chief Customer Officer promised in a two-line Facebook post during the crisis that there would be a full statement at the completion of their investigation; there hasn't been any such statement from the company to its customers.

 

Perhaps it actually was simply one employee who accidentally opened a phishing email, and they decided to shut the company down out of an abundance of caution over customer and employee data. If so, they should say so, assure us no data was compromised, and put the matter to rest.

 

In the absence of such a statement, they leave their customers -- well, at least some of their customers -- to wonder whether that's what really happened. Was any data captured by the hackers? Was the company the victim of a ransom demand? Were law enforcement authorities involved in trying to track the hackers? Have they said nothing because there is an ongoing situation?

 

You ask what further explanation any of us are seeking. I believe any company whose customers know they were hacked would take the step to assure their customers that all is well and their personal data is safe. 

[RetiredandTravel]

Hopefully if passport numbers and social security numbers were breached they would tell people quickly.  Its often surprising how long companies wait to tell clients of a breach.  In June Carnival reported a breach from March.

 

https://fortune.com/2021/06/17/carnival-customers-affected-by-hacking/

[chrism23]

16 hours ago, Observer said:

Are you saying that you tried this approach and the consultant you reached said s/he would not assist you

Hi,  That is exactly what I am saying.  On the robo message left on my CC's phone he offers 2 names of people to contact in his absence.  6 phone calls, 4 emails. no response.  Going deeper into the SS web site, two more names for CC's are offered to contact ,  4 emails and about 6 phone calls.  No response.  I will take your suggestion and contact the number you offer above.  I shall post the results here.   My issues needing clarification concern EBB's, as is now repeated here frequently, that  have been extended to September 30th, but there were other, albeit minor issues, on board cabin selection,  (I have rolled $77,000) over of future cruise credits for their round the world cruise in 1/24 and their South American Grand Voyage in 1/23, air credits for business class travels, luggage services for the two legs of the South American grand cruise, on board credits,  among many other minor issues.  All of these issues I had verbally worked out with my previous CC and I can't expect a new CC to be aware of.  That is why I hope my CC comes back.

 

Gourmet Gal asks of If I work in enterprise software.  I don't.  But my wife, who is part of this saga, was President of Information Technologies for one of the 25 largest corporations in the world.  So I have one helluva of  a consultant.  

 

I realize how trivial these issues seem at this point in time, in a world that is on fire, and involve issues several years away.  But some of these issues were date certain.  Until this week the issue of EBB had a deadline of 9/3/21.   At that time action was required.  (No responses).  Now the date is supposedly, and I haven't received an official communication from SS on the issue) September 30th 2021.  This is another date certain.  It is now September 18th.  This means I will have to spend more time, and believe me this has consumed more than enough time, trying to 'officially' resolve these issues, before September 30th.   This from a company that has prided itself on seamless service and which is why I have been a very loyal client.    

 

 

[Gourmet Gal]

With so much on the line I can understand your frustration.  If it’s any consolation my TA was told the deadline for EBB is Sept. 30 and in light of all the system issues, your aggravation and so much at stake I would think SS would be very flexible with you but in the meantime, with your lack of faith in the company why don’t you just cancel everything?  SS isn’t the only luxury choice out there.
 

 

[RJ2002]

4 hours ago, chrism23 said:

Now the date is supposedly, and I haven't received an official communication from SS on the issue) September 30th 2021.

 

On Silversea's webpage, there is a prominent link to this notice regarding the EBB.

 

https://www.silversea.com/best-luxury-cruise-deals/early-bird-cruises.html

 

Sorry you are having such a frustrating experience reaching a CC.  It is times like this that I am thankful to have a great luxury cruise TA, who handles all the communications with the cruise line.

Edited September 18, 2021 by RJ2002

[chrism23]

Good link.  Thanks.  It looks like September 30th is going to be a very busy day in the world of Silversea.

[Herman The Cat]

We have booked Silversea many different ways — thru different TAs, and then direct with a cruise consultant. The WORST experience we ever had was booking direct with Silversea. We felt like we’d get better service,  more knowledgeable service, etc. Neither was the case. It was horrible…no communication, no information, upselling, etc.  I realized they are basically inside commission-based sales reps, some of whom have never set foot on a Silversea ship. It’s a transaction, not a relationship like you would have with a TA. I’m sure there are some excellent ones, but that wasn’t our experience. When we finally found a great TA, it was interesting when we got cold calls at home trying to “poach us” and get us back because we were in the system for direct booking. In your instance, it is unfortunate that you can’t reach anyone. That’s where a TA comes in. TAs have various contacts and avenues with each cruise line to get responses. Their job is to be your advocate. We are very happy to have a knowledgeable and professional full-service TA who has contacts, has traveled extensively and knows how to get things done. In normal times, booking direct is fine, but we are not in normal times and it is important that we have an advocate.

[WesW]

Herman; outstanding post comparing and contrasting TA's with booking direct with Silversea.

 

Only add I have is when you book direct with SS your are dealing with just 1/3 of your cruise trip (the pre portion, price/suite selection for the cruise), there is the during the cruise portion if an issue occurs, and the post cruise phase.

 

Last March on the Silver Cloud's last voyage due to Covid, due to the Government of South Africa refusing us docking rights for five days, we were at anchor off Capetown.  Silversea Air was swamped helping world cruisers get home from Australia and Shadow guests getting home from Brazil.  So Cloud Destinations could not help guests who wanted to make air changes until 24 hours before we disembarked on March 22 (a day longer than our original disembark date). 

 

Our TA stepped up during day one of our stranding and bought Biz Class tickets for return from Capetown.  Despite having included BC air from Silversea it was exceptional comforting to have a TA who could take immediate action during our cruise to sooth the wrenching feeling most of us felt stranded in the waters off Capetown.

[MBP&O2/O]

“Now I can understand applying the logic you don't need to use it for inclusive drinks or the butler (which I never use), but its always been included in the fares and have been acceptable. This change (for me anyway) make them non acceptable. I suspect than once the 42 days Ive got booked are used, they will be my last on SS unless that decision gets reversed and I already have a "preferred CL" waiting in the wings, so you can appreciate”
Agree 100% with the logic of that …I haven’t any one in the wings though🥲 Any hints as to yours?  🧐

in respect of the IT issues, all the software in the world doesn’t help when someone doesn’t understand the concept of what happens when you click “Delete All”. We never did find out how he got Supervisor Access and deleted all … several hundred …  emergency, contingency and operation plans, but he did’t do it again. Fortunately ALL the data was backed up on a daily basis.

[Gourmet Gal]

19 minutes ago, MBP&O2/O said:

“Now I can understand applying the logic you don't need to use it for inclusive drinks or the butler (which I never use), but its always been included in the fares and have been acceptable. This change (for me anyway) make them non acceptable. I suspect than once the 42 days Ive got booked are used, they will be my last on SS unless that decision gets reversed and I already have a "preferred CL" waiting in the wings, so you can appreciate”
Agree 100% with the logic of that …I haven’t any one in the wings though🥲 Any hints as to yours?  🧐

in respect of the IT issues, all the software in the world doesn’t help when someone doesn’t understand the concept of what happens when you click “Delete All”. We never did find out how he got Supervisor Access and deleted all … several hundred …  emergency, contingency and operation plans, but he did’t do it again. Fortunately ALL the data was backed up on a daily basis.

Sorry, what?

[Stumblefoot]

1 hour ago, Gourmet Gal said:

Sorry, what?

The post was a reply to the quoted portion of LesB’s post.

[Gourmet Gal]

Still makes no sense to me.  LesB was talking about all-inclusive and MBP was talking about IT issues?

[Stumblefoot]

1 hour ago, Gourmet Gal said:

Still makes no sense to me.  LesB was talking about all-inclusive and MBP was talking about IT issues?

No worries that it doesn’t make sense to you.  Just two separate thoughts expressed in a singular reply.

[QueSeraSera]

4 hours ago, Gourmet Gal said:

Sorry, what?

I was about to raise my hand too 🙂