Finger-lickin' hack: KFC loyalty card scheme breached

Colonel's Club members advised to reset their passwords following attacks

KFC fans may be spitting feathers today, after the fried chicken franchise admitted its UK loyalty card programme has been hacked.

The 1.2 million members of the Colonel's Club - which allows customers to earn points and rewards through repeated visits to the chain's locations - were informed that the system had been compromised, and that they should change their passwords for the service along with any accounts that shared it.

Advertisement - Article continues below

Just 30 user passwords were targeted, the Colonel said, adding that the incident was not a major hack. A KFC representative was also quick to point out that no payment information was put at risk.

"We take the online security of our fans very seriously, so we've advised all Colonel's Club members to change their passwords as a precaution, despite only a small number of accounts being directly affected," Brad Scheiner, head of IT at KFC UK & Ireland, said in a statement emailed to IT Pro. "We don't store credit card details as part of our Colonel's Club rewards scheme, so no financial data was compromised."

KFC is also set to introduce improved security measures, according to reports.

Cloud security firm CensorNet's CEO, Ed Macnair, said: "While the cause of the hack has still not been confirmed, the whole incident reveals a lack of cybersecurity hygiene. Prevention is always better than cure, but at least the Colonel's more senior employees have since promised to introduce additional security measures to safeguard customer accounts.

Advertisement
Advertisement - Article continues below

"For the 1.2 million Colonel's Club customers who may have been affected, as well as changing passwords for the KFC site, we'd recommend adopting a decent password manager that generates complex passwords that are extremely difficult to crack."

Advertisement

Recommended

Visit/security/cyber-security/355210/cyber-criminals-torn-over-how-to-adapt-to-post-coronavirus-threat
cyber security

Hackers torn over how to adapt their tactics to the coronavirus pandemic

3 Apr 2020

Most Popular

Visit/security/privacy/355211/google-releases-location-data-to-showcase-effectiveness-of-coronavirus
privacy

Google releases location data to show effectiveness of coronavirus lockdowns

3 Apr 2020
Visit/data-insights/data-management/355170/oracle-cloud-courses-are-free-during-coronavirus-lockdown
data management

Oracle cloud courses are free during coronavirus lockdown

31 Mar 2020
Visit/software/355113/companies-offering-free-software-to-fight-covid-19
Software

These are the companies offering free software during the coronavirus crisis

2 Apr 2020