A few days ago, McDonald’s, a world-renowned fast-food brand, issued a statement saying that it was attacked by hackers. Hackers stole part of McDonald’s data in the United States, South Korea, and Taiwan, including information about employees and restaurants. Although these data do not seem so sensitive, they have aroused people’s concerns.
According to the Wall Street Journal report, McDonald’s stated that it was not attacked by ransomware and that it hired a security consultant to “investigate unauthorized activity on an internal security system” and discovered a data leak. User access data in the U.S. include business contact information of franchised merchants, number of seats, and area of the store. User access data in South Korea and Taiwan include the personal data of customers, including contact information and address, etc. McDonald’s will take measures to notify relevant institutions and customers involved in the stolen documents, and emphasize that the leaked data does not contain any customer payment information.
McDonald’s said that operations have not been interrupted by data breaches. In the next few days, McDonald’s will take measures in several other regions to process data including personal information of employees, including South Africa and Russia. These two countries were flagged in the initial investigation by security consultants and need to further strengthen information security management.