On Friday, McDonald’s revealed it was the victim of a recent data breach, in which some customer information was stolen (via WSJ).
McDonald’s Data Breach
McDonald’s systems in the U.S., Taiwan, and South Korea were affected. In the U.S., customer data was not affected. Leaked information included some business contact information for U.S. employees and franchisees, and some information about restaurants such as seating capacity and the square footage of play areas.
McDonald’s said that it has increased investment in cybersecurity defenses in recent years, and that those tools helped it respond to the recent attack. The company said it cut off hackers’ access to data soon after the breach was identified.
Meanwhile, customer emails, phone numbers, and addresses for deliveries were stolen in South Korea and Taiwan. In Taiwan, employee information like names and contact information were stolen. Customer payment data was not affected.
McDonald’s further mentioned that its networks weren’t affected and it wasn’t a ransomware attack like with JBS and Colonial Pipeline.