Norwegian Cruise Line’s Breached Database Exposes Passwords of Travel Agents

Norwegian Cruise Line's Breached Database Exposes Passwords of Travel Agents

Norwegian Cruise Line (NCL), also known  as Norwegian for short, has suffered a data breach involving the emails and passwords of approximately 25,000 travel agents. No guest data was exposed. The breach was discovered by British security firm DynaRisk. Norwegian is the third largest cruise liner in the world.

Norwegian’s Travel Agents Portal Breached

On 13 March 2020, DynaRisk’s intelligence team found a breached database belonging to Norwegian. The data in question is related to travel agents who use Norwegian’s travel agent portal. DynaRisk says that they notified Norwegian immediately upon verifying the legitimacy of the data records. However, it took days to receive a response despite the initial message being opened later that day. After five days, a representative responded to the cybersecurity team to discuss the breach.

At the moment, the portal is “temporarily unavailable”. No further explanation is given on the portals’ home page.

Clear Text Passwords and Emails Involved

The information leaked included clear text passwords and email addresses the travel agents used to login to Norwegian’s portal. The addresses belong to travel agents working for major leisure, travel and tourism companies, such as Hays Travel, Co-operative Travel, TUI and Virgin Holidays. On 18 March, DynaRisk contacted several of the travel agents.

The breach did not involve guest data, but is – again – a stern reminder for companies to properly secure databases and for everyone to use 2-factor authentication wherever possible as well as unique and strong passwords. This is to prevent cybercriminals from using breached email addresses and passwords to login to different platforms where the same credentials have been used.

Even More Vulnerable

The data breach leaves agents that are already vulnerable at this time due to the coronavirus outbreak at an even higher risk of cybercrime. This is because the data breach makes them more vulnerable to account takeovers, sophisticated phishing emails, and fraud.

Norwegian is the third cruise liner that made cybersecurity headlines this month. In early March, Princess Cruises confirmed a data breach that also had an impact on Holland America Line. Both are owned by the same parent company, Carnival Corporation.

IT communication specialist
Sandra has many years of experience in the IT and tech sector as a communication specialist. She's also been co-director of a company specializing in IT, editorial services and communications project management. For she follows relevant cybercrime and online privacy developments. She rigorously tests the quality of VPN services using's dedicated VPN testing protocol that has been finetuned and optimized over the years.