Cruise operator Carnival Corp said on Monday it launched an investigation into a ransomware attack on one of its brand’s information technology systems.

Carnival, which operates AIDA, Carnival and Princess cruises among others, in a regulatory filing said the attack included unauthorized access to personal data of guests and employees.

The company did not identify the brand that was affected and declined to provide more details, as the investigation process was at an early stage.

The attack adds to the woes of the company that has been already struggling with suspension of its cruises for months due to the COVID-19 pandemic amid travel restrictions across the world.

Certain data files were downloaded during the attack, Carnival said, and added that there was no assurance that information technology systems of its other brands will not be adversely affected.

Ransomware is a type of malicious program used by hackers to take control of files in an infected system and then demand hefty payments to recover them.

The company said it believed the incident will not have a material impact on its business, operations or financial results.