The American fast food chain McDonald’s was the target of a cyber attack, as reported on Friday, 11. The company said it had customer and employee data stolen from its systems in the United States, South Korea and Taiwan.
The fast food chain also said it had hired outside consultants to investigate unauthorized activity in an internal security system, prompted by a specific incident in which unauthorized access was interrupted a week after it was identified.
In a message to employees in the United States, McDonald’s said the breach revealed some business contact information for employees and franchisees in the US, along with some information about restaurants, such as seating capacity and square footage of play areas. The company said that no customer data was breached in the US and that the exposed employee data was not confidential or personal. The company advised employees and franchisees to watch for phishing emails and use discretion when asked to provide information.
McDonald’s said the attackers stole the emails, phone numbers and addresses of delivery customers in South Korea and Taiwan. In Taiwan, hackers also stole employee information, including names and contact information. According to the company, the number of files exposed is small, without disclosing the number of people affected. The breach did not include customer payment information, the fast food chain said.
According to McDonald’s, its divisions in South Korea and Taiwan notified regulators in Asia of the violation, and that they would contact customers and employees. The company said its divisions would also notify some employees in South Africa and Russia of possible unauthorized access to their information. The investigation also flagged these countries.
McDonald’s said business at its restaurants was not disrupted by the breach and that it did not involve a ransomware attack, in which hackers demand ransom payments to return control of data and operations to the companies. The network claims that it has not asked for a ransom, nor has it made any payments to the hackers.
Ransomware attacks in recent months have disrupted operations at deeply rooted US institutions and businesses, including hospitals, transportation systems, pipelines and food companies. Among them are Colonial Pipeline, which operates the largest oil pipeline on the east coast of the United States, and the American operations of the Brazilian meat packing company JBS. Both companies admitted that they paid ransoms to hackers to regain full control of their data and operations.
McDonald’s said it has increased investment in cybersecurity defenses in recent years and that these tools have helped to respond to the attack. The company said it cut hackers’ access to data soon after the breach was identified.