Carnival Corporation and plc has referred itself to the Information Commissioner’s Office (ICO) following a cyber attack on its systems at the weekend.
Carnival disclosed the breach on Monday (17 August), describing it as a ransomware attack that happened on Saturday (15 August).
The cruise giant was forced to take its contact centre offline, with it remaining out of action on Monday and Tuesday.
Carnival said the attackers were able to "access and encrypt" part of one of its brands’ information system, adding data files were downloaded.
It also said it expected the attack to have compromised personal data belonging to both guests and employees.