It could be a few things then sadly. Personally my money is on credentials being "sniffed" on the ship. The data is also satellite based transmissions. Back in the day these were very very easy to hack and network owners basically didn't give a hoot if one of their connections were utilized for nefarious purposes.
Looking at it from a naughty bad hacker pov i would absolutely poison the routers on a cruise ship if i wanted to harvest details. I don't, but i do know how some attack vectors work in detail. It is an environment where people let their guard down for a start.
One flag to me is that it was listed on the day you were back, so to possibly disguise details being taken whilst on the ship. Alternately an attacker may log stuff to a usb stick and grabs it when it comes to home port again. This would make it harder to detect as a hack via a network audit as no dodgy data was sent over a network with logging active.
Do you have important files on your laptop? back them up right now if i were you to an offline source, usb key etc. I can spare 20mins tomorrow to check your registry, mbr etc if you like to make sure you have no nasties on your devices. I would assume, if i were you, that you do have keyloggers of one sort or another installed and work from that.