By Tim Sandle, Apr 6, 2020, in Technology

As the travel sector battles with the economic consequences of the global coronavirus pandemic, news has come through about Norwegian Cruise Line being involved in a data breach, with customer data being exposed.

The information about the cruise line was discovered lurking on the dark web by an intelligence team at DynaRisk. After verifying that the collected data records were legitimate, the security firm notified Norwegian Cruise Line. Five days later the cruise company responded, to discuss the breach. The next action was for travel agents to be notified.

According to Infosecurity Magazine, this incident leaves agents who were "already vulnerable at this time" at higher risk of cybercrime.
Risks include account takeovers, phishing emails and fraud. These types of activity will put further pressure on large travel agents and there is the additional concern, during the era of coronavirus, of smaller agents going out of business.

Commenting on the incident for Digital Journal, Chief Security Officer and VP James Carder of LogRhythm Labs says: "Norwegian Cruise Line experienced a credential dump... it does also mean that we are well aware of many best practices that Norwegian (and others) can implement to minimize further damage and prevent this from happening in the future." In other words, lessons can be learned from this incident.

In terms of how this type of situation should be reacted to, Carder recommends that all travel agents change their portal passwords, plus other passwords relating to other applications.

In terms of the key risk factors, Carder says that: "Attackers are able to access with this credential dump, given that so many people still practice poor password hygiene and use the same one across multiple systems." The continued re-use of the same password by many people remains a security vulnerability.

In terms of additional actions, Carder states that multifactor authentication should be put in place: "This would mean that in the future, even if an attacker managed to steal more passwords, they wouldn't automatically be able to access the system. They would also need to figure out a way to sidestep the secondary authentication factor, making it much more difficult to breach the system. And since hackers like easy targets, this might be enough to discourage them from further pursuit."

And as a final measure, Carder recommends that the cruise line implement monitoring and detection controls for their portal, systems, and applications.