Skip to main content
Emerging ThreatsData Breaches

Carnival Breach Exposes 6M Customer Records to ShinyHunters

Sensitive documents scattered on a table near a blurred computer screen in a brightly-lit travel agency office.

6 million customer records — that is the single, stark figure reported after an April security incident that the published account links to the hacker collective ShinyHunters.

Carnival confirms the theft

The Register reports that Carnival has confirmed ShinyHunters "cruised off with 6M customer records after April breach." The article describes Carnival as a "travel and leisure giant" and says the company acknowledged that customer data was taken in the incident tied to April.

ShinyHunters named as the actor

The published account specifically names ShinyHunters as the group responsible for taking the records following the April breach. The Register's wording attributes the theft to ShinyHunters and directly links that group to the loss of the 6 million customer records.

Scale of the exposed data: 6M customer records

The central, repeated figure in the report is 6 million customer records. That number is presented as the scale of what ShinyHunters "cruised off with" in the aftermath of the April breach, according to the article. The story frames the 6 million‑record figure as the defining metric of the incident.

Carnival as "one of many victims of the cybercrooks' crime spree this year"

Beyond Carnival itself, the article situates this incident in a larger pattern. The Register describes Carnival as "just one of many victims of the cybercrooks' crime spree this year," signalling that the reported April breach and the theft of 6 million records are being presented as part of a broader series of attacks affecting multiple targets during the year.

What this means for customers, travel and leisure companies, and the list of victims

  • Customers: The report identifies 6 million customer records as the data set taken in the breach tied to Carnival's April incident. Those customers are the individuals whose records the article says were stolen.
  • Travel and leisure companies: Carnival is named in the article as a "travel and leisure giant" and is described as one of several targets in a reported crime spree this year. The framing in the piece places Carnival within the sector-level pattern the article reports.
  • Other victims: The Register characterizes Carnival as "one of many victims," indicating the article places this incident alongside additional, unspecified breaches in a wider series described as a crime spree in the current year.

The Register's writeup centers on three plainly stated elements: that Carnival confirmed a breach tied to April, that ShinyHunters is named as the actor, and that 6 million customer records were taken. The article further places the Carnival incident in the context of a reported crime spree affecting multiple victims this year.

Read the original story: https://www.theregister.com/cyber-crime/2026/05/28/carnival-shinyhunters-cruised-off-with-6m-customer-records/5247808