McDonald's Corp. said hackers stole some data from its systems in markets including U.S. South Korea and Taiwan, another example of cybercriminals infiltrating high-profile global companies.
McDonald's said Friday that it has recently hired external consultants to investigate unauthorized activity on an internal security system, which is triggered by a specific incident in which unauthorized access cut off a week after it was identified, McDonald's said. The investigators found that company data in the U.S. markets including Taiwan and South Korea was breached, according to the company.
In a messaging to U.S. employees, McDonald's said the breach disclosed some business contact information for U.S. employees and franchisees, along with some information about restaurants such as seating capacity and the square footage of play areas. The company said no sensitive customer data was compromised in the U.S. and that the employee data breached was not personal or sensitive. The company advised employees and franchisees to use phishing emails and when asked for information to watch closely.
McDonald's said attackers stole customer emails, phone numbers and addresses for delivery customers in Taiwan and South Korea. In Taiwan, hackers also stole employee information including names and contact information, McDonald's said. The company said that the number of affected files was small without disclosing the number of people exposed. The breach didn't include customer payment information, McDonald's said.
McDonald's said Friday that its divisions in Asia and Taiwan notified regulators in South Korea about the breach, and that they would contact customers and employees. The company also said that some divisions in Russia would notify employees in South Africa and Russia of possible unauthorised access to their information. The investigation flagged these countries as well.
McDonald's said that business was not disrupted by the breach and that it didn’t involve a ransomware attack, in which hackers demand payment to return control of data and operations to companies. McDonald's said it was not asked for ransom or made any payment to hackers.
In recent months, significant ransomware attacks have disrupted operations at institutions and companies deeply embedded in U.S. civic and commercial life including hospitals, transport systems, pipelines and meat companies. Some companies including American Malnutri Company and the U.S. operations of Colonial Pipeline Co. have said they paid hackers to regain full control over their data and operations.
McDonalds said that it has increased investment in cybersecurity defenses in recent years and that these tools helped it respond to the recent attack. Soon after the breach it was announced that it shut off hacking access to data by hackers.
McDonald's will leverage the findings of the investigation as well as suggestion from security resources to identify ways to enhance our existing security measures, the company said.