Data Breach Announcement by Hurtigruten

[jonikal]

Dear  guest,

We are writing to provide information on a data security incident that has affected some Hurtigruten guests’ information.  

Our investigations indicate that information for a limited number of guests having booked expedition voyages with two ships, MS Fram and MS Midnatsol, in a certain time period have been affected by the incident. For MS Fram the relevant time period is from 2018 to 2020. For MS Midnatsol the relevant time period is from 2016 to 2020. 

 

Assume anyone having sailed on the Midnatsol and Fram during those periods would have also have received this notification.

[clo]

That's it????? Not asking you to get in touch with them some way? Providing the info as to how? Was that an email? We traveled on one of those ships during the described dates. And I have the same contact info as I did then. 

[clo]

1 hour ago, jonikal said:

Dear  guest,

We are writing to provide information on a data security incident that has affected some Hurtigruten guests’ information.  

Our investigations indicate that information for a limited number of guests having booked expedition voyages with two ships, MS Fram and MS Midnatsol, in a certain time period have been affected by the incident. For MS Fram the relevant time period is from 2018 to 2020. For MS Midnatsol the relevant time period is from 2016 to 2020. 

 

Assume anyone having sailed on the Midnatsol and Fram during those periods would have also have received this notification.

It appears that this was back in December.

[clo]

1 minute ago, clo said:

It appears that this was back in December.

https://www.securityweek.com/norwegian-cruise-company-hurtigruten-hit-cyberattack#:~:text=Norwegian cruise company Hurtigruten announced,Moe-Helgesen in a statement.

[hallasm]

More details at this link: Hurtigruten.com  

and Yahoo finance:

Hurtigruten Addresses Recent Data Incident and Ongoing Dedication to Protection of Customer Information

Edited March 1, 2021 by hallasm

[clo]

3 hours ago, hallasm said:

More details at this link: Hurtigruten.com  

and Yahoo finance:

Hurtigruten Addresses Recent Data Incident and Ongoing Dedication to Protection of Customer Information

Thanks A LOT for that! I would be nice if @jonikal would reply back. Again, gratitude.

[jonikal]

Sorry I didn't copy and paste the entire text.  Thanks hallasm for adding the link.

[clo]

On 3/2/2021 at 2:20 AM, jonikal said:

Sorry I didn't copy and paste the entire text.  Thanks hallasm for adding the link.

But were you told to get in touch with them. And did you just get this considering it was announced in December?

[jonikal]

17 hours ago, clo said:

But were you told to get in touch with them. And did you just get this considering it was announced in December?

This is what we received on March 3, 2021:

 

Dear  guest, We are writing to provide information on a data security incident that has affected some Hurtigruten guests’ information.   Our investigations indicate that information for a limited number of guests having booked expedition voyages with two ships, MS Fram and MS Midnatsol, in a certain time period have been affected by the incident. For MS Fram the relevant time period is from 2018 to 2020. For MS Midnatsol the relevant time period is from 2016 to 2020.  We recently learned that your information has been affected by this incident.     What happened?  On December 14, 2020, we learned that an unauthorized actor gained remote access to our network and encrypted parts of our computer systems. At that time, however, we were unable to determine which guests may have been affected, if any, and what information might have been accessed.  We immediately disabled affected computer systems, took down their internet connection to prevent any further intrusion and launched a forensic investigation to determine the nature and scope of the incident. We understand that Hurtigruten was one of many companies that was a victim of this type of intrusion. What Information Was Involved?  Based on our investigations, we have recently determined that your affected information involves: Name and date of birth;  If you were sailing with MS Midnatsol, your passport number and passport expiration date; and  For some guests the affected information involves e-mail address, mailing address, and/or phone number. Based on our investigations to date, the unauthorized actor did not gain access to your credit or debit card information, social security numbers, driver’s license numbers, or other government-issued identification card numbers. Hurtigruten does not store credit or debit card information.   What We Are Doing?  As noted above, we immediately took steps to contain the issue and commenced an investigation to determine the data and individuals that may have been affected.  We reported this matter to Norwegian law enforcement and the Norwegian Data Protection Authority (since Hurtigruten is based in Norway) and the Federal Bureau of Investigation. We also notified other applicable privacy regulatory authorities.   Over the past years we have made significant investments in data privacy and cyber security. Since this incident, we have further strengthened these efforts and our internal experts are working closely with third-party cybersecurity experts to further enhance the security of our systems and reduce the risk of a similar event happening in the future.  What Can You Do  On February 18, 2021, we discovered the unauthorized actor placed some of the above information on a difficult to access part of the web. We do not have any indication of actual harm to affected individuals as a result of this incident, but we still recommend you follow the enclosed additional steps that you can take to protect your personal information. We sincerely regret any concerns or inconvenience that this incident may cause you.  For More Information  If you have questions or require further assistance, please contact us via one of these channels:  Web page: https://www.hurtigruten.com/info/ Phone: 1 (833) 907-3030 (tollfree number). The phone line is open between 6:00 a.m. to 6:00 p.m. PST, Monday through Friday, excluding major U.S. holidays. Sincerely,

John Downey President, Hurtigruten Americas

[hallasm]

Thank you for sharing full text. This indicates that this information has only been sent to guests who have purchased MS Fram and MS Midnatsol voyages from the North America office - information is only available at hurtigruten.com - not on any other Hurtigruten web.  Probably to meet US / Canarian rules.

[clo]

4 hours ago, hallasm said:

Thank you for sharing full text. This indicates that this information has only been sent to guests who have purchased MS Fram and MS Midnatsol voyages from the North America office - information is only available at hurtigruten.com - not on any other Hurtigruten web.  Probably to meet US / Canarian rules.

And evidently only those affected were notified. Evidently we weren't affected. Yes, thanks, @jonikal

[phileas]

A similar letter has been sent to people in lots of countries. We have had it on the UK. What does vary is when checking the online help associated with the relevant country. In the US they advise keeping a check on your credit rating in case someone tries to use your details.

 

In the UK, no mention of this!

 

Although credit and debit card details have not been taken, it does not mean you are safe against identity theft.

 

Lots of crew have also been affected and are not happy!