New cyberattack on McDonald's highlights a rapidly growing threat
McDonald's has become the latest target for cybercriminals as ransomware and cyberattacks continue to wreak havoc on some of the United States' largest corporations. According to the Wall Street Journal, hackers managed to obtain some of the company's data from its systems in the United States, South Korea, and Taiwan.
The fast-food chain on Friday, June 11 confirmed its employment of external consultants to conduct an investigation into "unauthorized activity on an internal security system." McDonald's revealed cybercriminals obtained physical addresses, phone numbers, and email addresses for its food delivery customers located in Taiwan and South Korea.
In Taiwan, hackers managed to seize personal information, such as names and contact information for McDonald's employees. The company insists the number of employees compromised was relatively small although it offered no specifics about the exact number of people affected. Luckily, no one's payment information was obtained across the three markets.
Following the breach, the company also sent out a message to its employees. The message, which was obtained by The Wall Street Journal, offered a brief overview of the breach.
Per the Wall Street Journal:
In a message to U.S. employees, McDonald's said the breach disclosed some business contact information for U.S. employees and franchisees, along with some information about restaurants such as seating capacity and the square footage of play areas. The company said no customer data was breached in the U.S., and that the employee data exposed wasn't sensitive or personal. The company advised employees and franchisees to watch for phishing emails and to use discretion when asked for information.
McDonald's is also urging franchisees and employees to "watch for phishing emails and to use discretion when asked for information."
The latest cyberattack involving McDonald's is one of many that have occurred over the last several weeks. Colonial Pipeline and JBS are two others that were compromised by hackers. Combined, both companies have shelled out more than $15 million to pay for ransomware attacks. With so many breaches in such a short period of time, there are concerns about the possibility of many other "profit-driven cyberattacks" taking place in the very near future.
However, McDonald's insists its cybersecurity investments over the last couple of years have helped to diminish the possibility of larger breaches. The company also credits heightened cybersecurity for its rapid response to the latest breach.
"McDonald's will leverage the findings from the investigation as well as input from security resources to identify ways to further enhance our existing security measures," the company said.