Tech news
Tuesday, Nov 30, 2021

McDonald's becomes latest cyberattack victim: What's going on?

McDonald's becomes latest cyberattack victim: What's going on?

Fast-food chain was able to 'quickly identify and contain' threats on its network

McDonald's on Friday disclosed limited details of a data breach that may have exposed some customer data.

"While we were able to close off access quickly after identification, our investigation has determined that a small number of files were accessed, some of which contained personal data," a McDonald's spokesperson said, adding that based on the company's investigation so far, only Korean and Taiwanese customers were impacted.

The Wall Street Journal initially reported that U.S. markets were also impacted and that the breach exposed some U.S. business and employee contact information.

Those markets "will be taking steps to notify regulators and customers listed in these files," which did not include customer payment information, the McDonald's spokesperson said.

"McDonald's understands the importance of effective security measures to protect information, which is why we've made substantial investments to implement multiple security tools as part of our in-depth cybersecurity defense," the spokesperson said.

McDonald's disclosed limited details of a data breach on Friday

The fast-food chain said it was able to "quickly identify and contain" threats on its network. It also conducted a "thorough investigation" and worked with "experienced third parties" to do so.

McDonald's did not share any additional details about the breach.

Kevin Breen, director of cyber threat research at cybersecurity company Immersive Labs, told FOX Business that McDonald's likely has a strong internal cybersecurity team and worked with effective third parties to limit the extent of the breach and disclose information to the public early.

Breen added that while McDonald's has not mentioned any kind of financial motivation or ransom demand behind the threat actors that attacked its networks, hackers across the board appear to be targetting large companies that rely on and serve a large number of customers so that they have a greater impact.

The McDonald's incident comes after hacker groups have targetted a number of major U.S. and global companies and organizations in recent months, including the Colonial Pipeline, JBS, Electronic Arts and the U.S. Agency for International Development.

"Unfortunately…it's just another day. It's just another data breach," Breen said when asked for his initial reaction to the McDonald's attack.

"It has become almost trendy for attackers to go after these bigger names," he explained. "What we are seeing is a move toward high impact for the attackers. From the attackers' perspective, if they are financially motivated in their attacks, they need the impact to force the organization into paying, and if you can affect the people, the [company] is more likely to pay, and we saw that with Colonial."

He added that with all of the recent, large-scale cyberattacks, "it's hard to know whether the attackers are increasing their frequency or whether we as a community and the media are reporting more [frequently] on it."

The Biden administration in May said it planned to launch a task force aimed at cracking down on hackers responsible for ransomware attacks after the Colonial attack.

Breen said this effort by the president also brings new light to the issue and encourages more companies and organizations to disclose details of cyberattacks to the public.


Related Articles