Hurtigruten Addresses Recent Data Incident and Ongoing Dedication to Protection of Customer Information
Hurtigruten, the world’s leading expedition cruise line, values all guests and understands the importance of protecting personal information. On December 14, 2020, Hurtigruten learned that an unauthorized actor encrypted the computer systems relating to two of their ships, the MS Fram and MS Midnatsol. The data impacted for limited MS Fram guests was between 2018-2020 and for limited MS Midnatsol guests 2016-2020. Immediately upon learning of this incident, Hurtigruten disabled the affected computer systems, took down their internet connection to prevent any further intrusion, and launched a forensic investigation to determine the nature and scope of the incident.
Recommended AI News: Melax Technologies, Inc., Launches Turn Key LANN Software for Text Annotation
Based on the investigation, the personal information that might have been affected by this incident consisted of affected customers’ – names, dates of birth, passport numbers and passport expiration dates. Affected customers’ email addresses, mailing addresses, and/or phone numbers might also have been affected by this incident. Credit and debit card information, social security numbers, driver’s license numbers, and government-issued identification card numbers were not affected by this incident. Hurtigruten does not store credit card or debit card numbers. Additionally, if affected customers were treated by a medical provider during their stay on the MS Fram or the MS Midnatsol, certain information collected by that medical provider may have been affected by this incident, such as the medical provider’s notes about the affected customer’s visit.
Recommended AI News: Persistent and FinMkt Partner to Bring Point of Sale Digital Lending Solutions
Hurtigruten values the information security of all customers and is currently working to resolve this situation. Hurtigruten immediately took steps to contain the issue and commenced an investigation to determine the data and individuals that may have been affected. Hurtigruten also reported this matter to Norwegian law enforcement based on the company’s Oslo headquarters location and the Federal Bureau of Investigation. Hurtigruten is continuing to work with third-party cybersecurity experts to enhance the security of their systems and reduce the risk of a similar event happening in the future.
Hurtigruten is in the process of contacting customers in order to improve our cyber threat prevention, detection and response. While there is no indication of actual harm to any individuals as result of this incident, Hurtigruten does recommend taking steps to ensure personal information is safe in including monitoring accounts, set up fraud alerts, monitor personal health information, gather additional information from creditors on how to freeze accounts as needed and contact additional resources to explore fraud protection options in the future through the FTC.