Alberta Quilter Posted March 2, 2020 #1 Share Posted March 2, 2020 I was on the HAL website this morning and checked out the Coronavirus updates as well as some other things. Just now, I went back to the HAL website and noticed another notification about a "privacy event" (right below the Coronavirus updates): https://www.hollandamerica.com/en_US/news/public-notice-privacy-event.html I don't believe this notification was there this morning. Anyway, I wanted to bring it to everyone's attention so that they can monitor their credit scores as recommended by HAL. 1 4 Link to comment Share on other sites More sharing options...
Rare VMax1700 Posted March 2, 2020 #2 Share Posted March 2, 2020 9 minutes ago, Alberta Quilter said: I was on the HAL website this morning and checked out the Coronavirus updates as well as some other things. Just now, I went back to the HAL website and noticed another notification about a "privacy event" (right below the Coronavirus updates): https://www.hollandamerica.com/en_US/news/public-notice-privacy-event.html I don't believe this notification was there this morning. Anyway, I wanted to bring it to everyone's attention so that they can monitor their credit scores as recommended by HAL. Certainly was not there this morning. Thanks for bringing it to our attention. 1 Link to comment Share on other sites More sharing options...
1ANGELCAT Posted March 2, 2020 #3 Share Posted March 2, 2020 Thanks for the information. I just emailed it to my travel agent. Link to comment Share on other sites More sharing options...
hobo1937 Posted March 3, 2020 #4 Share Posted March 3, 2020 Evidently Princess Cruises is also affected. Similar notice on their website. Link to comment Share on other sites More sharing options...
Rare TriumphGuy Posted March 3, 2020 #5 Share Posted March 3, 2020 This pisses me off to no end. No excuse! None. 1 Link to comment Share on other sites More sharing options...
nickel-and-dime-me Posted March 3, 2020 #6 Share Posted March 3, 2020 They certainty are trying to downplay it as much as possible arent they? "We have no reason to suspect your information is being misused". How in the world could they provide any assurance of that? 2 Link to comment Share on other sites More sharing options...
AncientWanderer Posted March 3, 2020 #7 Share Posted March 3, 2020 Oh....how deflating. Thanks for the heads up, @Alberta Quilter Link to comment Share on other sites More sharing options...
canadianbear Posted March 3, 2020 #8 Share Posted March 3, 2020 Saw this on Princess too before I saw it on HAL. So much of this data breach going around. Here in Canada we had a major one with Lifelabs. Link to comment Share on other sites More sharing options...
AV8rix Posted March 3, 2020 #9 Share Posted March 3, 2020 (edited) Did they just post this info this morning concerning a data-breach event that apparently occurred in the timeframe of 4/11/19-7/23/19? Or is there a more up-to-date link concerning a more recent event? Edited March 3, 2020 by Av8rix Link to comment Share on other sites More sharing options...
Alberta Quilter Posted March 3, 2020 Author #10 Share Posted March 3, 2020 I believe they did just post the notification of the breach that occurred last year as you note. I didn't see that notification this morning when I checked on the coronavirus update and another poster above confirmed that it was not there this morning. Link to comment Share on other sites More sharing options...
Rare CruisingAndDiving Posted March 3, 2020 #11 Share Posted March 3, 2020 (edited) 2 hours ago, Alberta Quilter said: I believe they did just post the notification of the breach that occurred last year as you note. I didn't see that notification this morning when I checked on the coronavirus update and another poster above confirmed that it was not there this morning. This will be another kick in the teeth to CCL stock prices. Thanks for the heads up AQ...hopefully no one here is affected. I did look at both Carnival and Cunard websites and couldn't see the same notification Edited March 3, 2020 by CruisingAndDiving Link to comment Share on other sites More sharing options...
CruiserBruce Posted March 3, 2020 #12 Share Posted March 3, 2020 So, cutting through the hype....this sounds like a Carnival Corp. data breach. For all the cyber security experts posting here...what should they have done? Be very specific...as it might be important on your future job applications. 2 1 Link to comment Share on other sites More sharing options...
wesport Posted March 3, 2020 #13 Share Posted March 3, 2020 I remember last year I had an unauthorized charge from Princess for $200. I called Chase and they immediately closed the account and sent me a new card. Very inconvenient. Now I know where it came from. Link to comment Share on other sites More sharing options...
Rare kazu Posted March 3, 2020 #14 Share Posted March 3, 2020 Thanks for the heads up on this @Alberta Quilter. I had been on the HAL site earlier in the day too and didn't see this notice. Disconcerting if it is an old breach and they are just advising now. Link to comment Share on other sites More sharing options...
iwantsomesun Posted March 5, 2020 #15 Share Posted March 5, 2020 Sure looks like they are using the Corona Virus to hide this notification. Geez. Happened a while back and they just post about it now? Sounds pretty low risk if it's just a matter of a few employee email accounts being compromised. I don't imagine that they are emailing around usernames/passwords. @CruiserBruce - security is a huge topic covering everything from physical security, firewalls, remote access practices, employee training on social engineering issues, etc. No one is going to reply with a detailed plan on what got missed by HAL. HAL probably responded with many pages of documentation on security enhancements to improve things, but even then, it's a constant improvement process that has no one answer. 1 Link to comment Share on other sites More sharing options...
Queen of DaNile Posted March 6, 2020 #16 Share Posted March 6, 2020 It's big news tonight. No wonder Carnival stock took another hit today. Be pro-active. https://www.cnbc.com/2020/03/05/how-to-protect-yourself-from-princess-cruise-and-holland-america-data-hack.html Link to comment Share on other sites More sharing options...
CruiserBruce Posted March 6, 2020 #17 Share Posted March 6, 2020 7 hours ago, iwantsomesun said: Sure looks like they are using the Corona Virus to hide this notification. Geez. Happened a while back and they just post about it now? Sounds pretty low risk if it's just a matter of a few employee email accounts being compromised. I don't imagine that they are emailing around usernames/passwords. @CruiserBruce - security is a huge topic covering everything from physical security, firewalls, remote access practices, employee training on social engineering issues, etc. No one is going to reply with a detailed plan on what got missed by HAL. HAL probably responded with many pages of documentation on security enhancements to improve things, but even then, it's a constant improvement process that has no one answer. I am very aware of how security works. The number of second guessing experts..."they should of", "no excuse" type comments show a lack of understanding of how the bad guys operate. 1 Link to comment Share on other sites More sharing options...
thyme2go Posted March 6, 2020 #18 Share Posted March 6, 2020 (edited) Right now I'm royally PO'd with HAL for the secretive nature of this notice. We have a trip planned within a month and today I got a notice that says NONE of my info that was inputted when I made the reservation is in their data base. EVERYTHING..........all passport and Nexus info; emergency contacts and their info--every stinking thing of mine that HAL had-------was taken. Edited March 6, 2020 by thyme2go wording Link to comment Share on other sites More sharing options...
SempreMare Posted March 6, 2020 #19 Share Posted March 6, 2020 @thyme2go, could you copy & paste their letter to you about the breach here? ( MINUS your personal information of course 😉 re: >> I got a notice that says NONE of my info that was inputted when I made the reservation is in their data base. EVERYTHING..........all passport and Nexus info; emergency contacts and their info--every stinking thing of mine that HAL had-------was taken. Link to comment Share on other sites More sharing options...
thyme2go Posted March 6, 2020 #20 Share Posted March 6, 2020 (edited) SempreMare, HAL did not send me a notice with the missing info AND the breach in one email. I am the one who put that together as the email I received had the title "Missing Information" which is not that unusual and I expected there to be one or two piece's of info missing........when I looked for the missing info i I discovered that everything when I made the reservation was no longer there. Two of us are traveling and these were the lists (slightly different) under each name. Person #1 Emergency Contact Name Emergency Phone Emergency Full Address Passport Number Country Of Passport Issuance Passport Issue Date Passport Expiry Date Invalid Travel Document Type Person #2: Country Of Residence Emergency Contact Name Emergency Phone Emergency Full Address Citizenship Passport Number Country Of Passport Issuance Passport Issue Date Passport Expiry Date Country Of Birth Invalid Travel Document Type Us Address While In Us I don't presume to be on top of everything but it just seemed odd to me to be asking for info that should have already been in their system..........especially after the breach. Edited March 6, 2020 by thyme2go Link to comment Share on other sites More sharing options...
Rare Vict0riann Posted March 6, 2020 #21 Share Posted March 6, 2020 Is that how it works? When hackers "steal" your information they physically take it and there is nothing left in the file? Link to comment Share on other sites More sharing options...
mrmoviezombie Posted March 6, 2020 #22 Share Posted March 6, 2020 Nope, that's not how it works, unless it's a ransomware attack. Where the intent is to extort money from HAL. What is more likely is that HAL deleted the data themselves because they couldn't trust that the hacker hadn't modified it. Or more specifically they wiped the computers that the hacker access to. It usually simpler to hit it with a big hammer, especially when it's relatively easy to get the lost info from other "secure" sources. Link to comment Share on other sites More sharing options...
thyme2go Posted March 6, 2020 #23 Share Posted March 6, 2020 Thanks mrmoviezombie for the plausable explanation........... I didn't assume it was literally stolen but this is too weird given both things happened--security breach and empty data in my account. I have to admit that HAL is not inspiring a lot of confidence right now............and inputting data is not fun either! Link to comment Share on other sites More sharing options...
Rare VMax1700 Posted March 6, 2020 #24 Share Posted March 6, 2020 30 minutes ago, thyme2go said: and inputting data is not fun either! Specially on HAL's user-unfriendly website. Link to comment Share on other sites More sharing options...
MARLEY225 Posted March 6, 2020 #25 Share Posted March 6, 2020 3 hours ago, thyme2go said: SempreMare, HAL did not send me a notice with the missing info AND the breach in one email. I am the one who put that together as the email I received had the title "Missing Information" which is not that unusual and I expected there to be one or two piece's of info missing........when I looked for the missing info i I discovered that everything when I made the reservation was no longer there. Two of us are traveling and these were the lists (slightly different) under each name. Person #1 Emergency Contact Name Emergency Phone Emergency Full Address Passport Number Country Of Passport Issuance Passport Issue Date Passport Expiry Date Invalid Travel Document Type Person #2: Country Of Residence Emergency Contact Name Emergency Phone Emergency Full Address Citizenship Passport Number Country Of Passport Issuance Passport Issue Date Passport Expiry Date Country Of Birth Invalid Travel Document Type Us Address While In Us I don't presume to be on top of everything but it just seemed odd to me to be asking for info that should have already been in their system..........especially after the breach. Are you sure this request is actually from HAL? I would call them direct and ask them about it. Link to comment Share on other sites More sharing options...
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now