Connecticut Attorney General William Tong and New York Attorney General Letitia James have announced their respective settlement sums from the multistate agreement with Florida-based Carnival Cruise Line following a 2019 data breach involving personal information of approximately 180,000 employees and customers.
Carnival has agreed to pay $1.25 million in the settlement, which will be divided among 46 states. Connecticut will receive $67,505.86 from the settlement and New York will receive $44,092.12.
“It”™s important that Connecticut residents are notified quickly when their information may be at risk due to a data breach,” said Tong, who co-led the multistate investigation with the attorneys general in Florida and Washington. “This settlement sends the message that companies need to take stock of what information they maintain and take reasonable steps to protect that information. Storing large amounts of information in unmanageable formats, such as email, does not excuse delays in notifying state attorneys general or impacted individuals about a breach.”
“Carnival Cruise Line failed to securely dock and safeguard thousands of consumers”™ personal information,” said James. “In today”™s digital age, companies must shore up their data privacy measures to protect consumers from fraud. New Yorkers on vacation should not have to worry about their personal information being exposed. Today”™s agreement will require Carnival to turn the tide on its reckless data security practices.”
Photo courtesy of Carnival Cruise Line
