McDonald’s recognizes data breach in Asia
McDonald’s admitted on Friday that it had suffered a data breach at some of its restaurants in Asia, although the company said it was able to quickly shut down access and none of its operations were interrupted.
The Chicago-based hamburger giant said personal data of some customers has been viewed in Korea and Taiwan, although “no customer payment information is contained in these files.” He said he would contact those customers in the coming days.
“McDonald’s understands the importance of effective security measures to protect information, which is why we have made substantial investments to implement several security tools as part of our deep cybersecurity defense,” the company said in a statement. “These tools have enabled us to quickly identify and contain recent unauthorized activity on our network. A thorough investigation was conducted and we worked with experienced third parties to support this investigation. “
Routine data breaches have become a concern again in light of some high-profile issues, including the ransomware attack on meat producer JBS. While the McDonald’s breach was not at this level and was not a ransomware attack, it shows that criminals are still targeting restaurants and their operators in an attempt to access consumer data.
“The recent McDonald’s data breach shows that restaurants and franchisees are becoming a growing target for cyber attacks,” John McClurg, senior vice president and chief information security officer at Blackberry, said in a statement. “Cybercriminals are increasingly able to locate small gaps in a security infrastructure, regardless of location or point of entry. It is not enough to just protect the front door of our operations. Criminals are increasingly adept at finding a way in.
McDonald’s said “a small number of files were viewed, some of which contained personal data.” No customer payment information was on file, the company said. McDonald’s also said it would take steps to process files containing employee personal data in a few additional markets.
“Going forward, McDonald’s will use the findings of the investigation as well as contributions from security resources to identify ways to further improve our existing security measures,” the company said.