McDonald’s is the world’s biggest global foodservice retailers that generates revenue through franchise royalties, licensing pacts and company-owned restaurants. Recently, the famous burger chain was hit by a data breach that leaked employee information from its systems in the United States, South Korea and Taiwan. This is another incident where cybercriminals and cyber-crime organisations are targeting multinational high-profile global companies.
According to a report by The Wall Street Journal, McDonald’s revealed on Friday that it had hired some external consultants to investigate unauthorised activity on the internal systems of the company. The external consultants were able to cut off any or all unauthorised data breach/ access into the company’s systems, said reports. However, upon investigating it was found out that the data had been breached in the markets of the United States, Taiwan and South Korea.
So, is this bad news for McDonald’s employees or the company? Well, yes! It definitely is because data breaches are generally not supposed to happen to any company and you can imagine the damage when it is happening to a global multinational corporation. According to reports, the company says that the data breach disclosed some information about the employees in the United States and other franchises along with some measurements of its restaurants, the square footage of restaurants and the seating space.
According to a report by the Wall Street Journal, the burger company said that the attackers stole some information including phone numbers, emails and addresses of some of their employees in Taiwan and South Korea. The United States was comparatively saved by the data breach. Other than this, McDonald’s also revealed that in Taiwan, hackers also got hold of some employee information including names and contact information.
The company explicitly mentioned that no customer payment information was leaked during the data breach and this was actually the single most important thing that matters during any data breach or ransomware attack.
Well, was it a ransomware attack? Did the attackers ask for ransom from McDonald’s?
McDonald’s mentioned that there is no ransom demanded by the hackers and it cannot categorise this incident as a ransomware attack. Furthermore, the burger company also said that this attack did not disrupt its active restaurant operations and the breach only had an effect on some customer information.
The company’s divisions in Taiwan and South Korea had also reported the matter to the regulators in Asia on Friday itself and that they would be contacting the company employees and customers as well. As a precautionary measure, the company has also notified its branches in Russia and South Africa of a possible data breach.
The incident is currently under investigation.