McDonald’s Hit by Data Breach

McDonald’s Corp.

MCD 1.04%

said hackers stole some data from its systems in markets including the U.S., South Korea and Taiwan, in another example of cybercriminals infiltrating high-profile global companies.

The burger chain said Friday that it recently hired external consultants to investigate unauthorized activity on an internal security system, prompted by a specific incident in which the unauthorized access was cut off a week after it was identified, McDonald’s said. The investigators discovered that company data had been breached in markets including the U.S., South Korea and Taiwan, the company said.

In a message to U.S. employees, McDonald’s said the breach disclosed some business contact information for U.S. employees and franchisees, along with some information about restaurants such as seating capacity and the square footage of play areas. The company said no customer data was breached in the U.S., and that the employee data exposed wasn’t sensitive or personal. The company advised employees and franchisees to watch for phishing emails and to use discretion when asked for information.

McDonald’s said attackers stole customer emails, phone numbers and addresses for delivery customers in South Korea and Taiwan. In Taiwan, hackers also stole employee information including names and contact information, McDonald’s said. The company said the number of files exposed was small without disclosing the number of people affected. The breach didn’t include customer payment information, McDonald’s said.

McDonald’s said that its divisions in South Korea and Taiwan notified regulators in Asia of the breach Friday, and that they would contact customers and employees. The company said its divisions would also notify some employees in South Africa and Russia of possible unauthorized access to their information. The investigation had flagged those countries as well.

McDonald’s said that business at its restaurants wasn’t disrupted by the breach and that it didn’t involve a ransomware attack, in which hackers demand payment to return control of data and operations to companies. McDonald’s said it wasn’t asked for ransom, nor did it make any payment to the hackers.

Prominent ransomware attacks in recent months have disrupted operations at institutions and companies deeply embedded in U.S. civic and commercial life, including hospitals, transport systems, pipelines and meat companies. Some companies including Colonial Pipeline Co. and the U.S. operations of meat company

JBS SA

have said they paid hackers to regain full control of their data and operations.

McDonald’s said that it has increased investment in cybersecurity defenses in recent years, and that those tools helped it respond to the recent attack. The company said it cut off hackers’ access to data soon after the breach was identified.

“McDonald’s will leverage the findings from the investigation as well as input from security resources to identify ways to further enhance our existing security measures,” the company said.

A cyberattack on the U.S.’s largest fuel pipeline on May 7 forced a shutdown that triggered a spike in gas prices and shortages in parts of the Southeast. WSJ explains just how vulnerable the nation’s critical energy infrastructure is to attack. Photo illustration: Liz Ornitz/WSJ

Cyberattacks and Business

Write to Heather Haddon at heather.haddon@wsj.com

Copyright ©2020 Dow Jones & Company, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8

Latest Posts