Cruise operator Carnival Corp said on Thursday it had detected unauthorized access to its computer systems in March, after which it alerted regulators and hired a cybersecurity firm to investigate the breach.
The company, whose shares were down over 2%, noticed the suspicious activity on March 19 and acted quickly to "to shut down the event and prevent further unauthorized access", it said in an emailed statement.
The breach affected personal information of some guests, employees and crew for Carnival Cruise Line, Holland America Line, Princess Cruises and medical operations, Carnival said.
"There is evidence indicating a low likelihood of the data being misused," the company added.
Miami-based Carnival also said it alerted individuals whose data had been compromised and set up a call center to respond to their queries.
Technology news portal Bleeping Computer first reported the breach.
The disclosure from the company comes at a time United States has witnessed a spate of increasingly bold cyberattacks on critical infrastructure.
A ransomware attack on Colonial Pipeline last month temporarily stalled one of the country's major arteries for fuel delivery. Meatpacker JBS USA's operations were disrupted earlier this month due to a cyberattack.
Carnival was also hit by a ransomware attack last year, which affected the information technology systems of one of its brands.