IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Personal data exposed in McDonald’s data breach

Hackers steal information from systems based in the US, South Korea and Taiwan

Hackers have stolen data from systems managed by McDonald's in the US, South Korea and Taiwan, with the personal information of customers and employees compromised in the cyber attack.

Writing to US employees, McDonald's said the breach exposed business contact information for some workers, as well as logistical information about restaurants such as seating capacity and the square footage of play areas. 

This is according to the Wall Street Journal (WSJ), with the global fast-food chain also confirming it had hired external consultants to investigate unauthorised activity on an internal security platform. 

While no customer information was compromised in the US, hackers stole the emails, phone numbers, and addresses for delivery customers in South Korea and Taiwan. In Taiwan, hackers also seized employee information including names and contact details. 

McDonald's said the number of files exposed was small, although didn't disclose how many have been directly affected. The hackers didn't take any payment information in the breach.

The investigation is still ongoing, with divisions in South Africa and Russia also being alerted to the possibility, so far unconfirmed, that hackers had accessed data on their systems before their presence was cut off.

The chain said that operations weren't disrupted and that the cyber attack didn't involve ransomware.

Related Resource

The secure cloud configuration imperative

The central role of cloud security posture management

The secure cloud configuration imperativeFree download

"Details about the breach are sparse at the moment, but it's commendable that the security team at McDonalds was able to detect anomalous activity and investigation was carried out and discovered the breach," said security awareness advocate at KnowBe4, Javvad Malik.

"With many criminals spending weeks, if not months within organisations to exfiltrate data, understand the network, and often deploy ransomware; being able to detect and respond to this intrusion before it became a much larger incident highlights the value in having a robust layered security capability."

For Nikos Mantas, incident response expert at Obrela Security Industries, this is just the latest big name to be hit by cyber criminals, which should serve as a reminder that businesses need to bolster their defences.

"Not a week goes by recently without another major organisation falling victim to cyber attack," he said. "The rise in attacks indicates the need for organisations to practice cyber resilience and take steps to mitigate the risks cyber attacks pose, before they actually happen."

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download

Recommended

Senate report slams agencies for poor cyber security
cyber security

Senate report slams agencies for poor cyber security

3 Aug 2021
Most employees put their workplace at risk by taking cyber security shortcuts
cyber security

Most employees put their workplace at risk by taking cyber security shortcuts

27 Jul 2021
61% of organizations say improving security a top priority for 2021
cyber security

61% of organizations say improving security a top priority for 2021

29 Jun 2021
ProtectedBy.AI’s CodeLock blocks malware at source code level
software as a service (SaaS)

ProtectedBy.AI’s CodeLock blocks malware at source code level

9 Jun 2021

Most Popular

Windows Server admins say latest Patch Tuesday broke authentication policies
Server & storage

Windows Server admins say latest Patch Tuesday broke authentication policies

12 May 2022
Russian hackers declare war on 10 countries after failed Eurovision DDoS attack
hacking

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack

16 May 2022
IT admin deletes company’s databases and is jailed for seven years
Policy & legislation

IT admin deletes company’s databases and is jailed for seven years

16 May 2022