McDonald’s says breach exposed customer data in South Korea and Taiwan
McDonald’s has reported a data breach that exposed some personal information from customers in South Korea and Taiwan, the latest instance of a global company being targeted by a hack.
The Chicago-based burger chain said on Friday that it was quickly able to identify and contain “recent unauthorised activity” on its network.
An investigation found “that a small number of files were accessed, some of which contained personal data”, the company said, adding that only customer information in South Korea and Taiwan was accessed.
McDonald’s said additional steps would be taken in a few other markets to address files that contained information about its employees. No payment information was contained in the files that were accessed, the company added, saying it would notify regulators and customers affected by the breach.
The McDonald’s breach comes amid a string of high-profile cyber attacks targeting companies in recent weeks. JBS, the world’s largest meat processor, had its global operations hit by an attack targeting the company’s IT systems, weeks after the Colonial Pipeline, a major US fuel pipeline, had to be shut down following a separate hacking incident.
Both the JBS and Colonial attacks involved the use of ransomware, in which hackers seize control of a target’s computer systems or data by installing illicit software and demand payment for the release of the assets.
JBS said it paid $11m to resolve the attack, while US officials this week said they recovered $2.3m worth of cryptocurrency paid as ransom to hackers who shut down the Colonial Pipeline.
The Colonial Pipeline incident highlighted the vulnerability of US infrastructure to cyber attacks and the Biden administration has vowed to crack down on ransomware hackers, who have taken advantage of the rise of cryptocurrencies to facilitate their operations.
McDonald’s shares were up more than 1 per cent in New York trading on Friday to $237.30.