A data breach at fast food restaurant McDonald’s has impacted company operations in the United States and customers and employees in South America and Taiwan.

First reported by the Wall Street Journal, hackers had broke into the computer system of McDonald’s Corp and accessed only a small number of files before the intrusion was detected. 

The threat actors stole personal information belonging to delivery customers in Taiwan and South Korea. Information compromised included emails, phone numbers and addresses. 

Employee information accessed included names and the contact information of McDonald’s workers in Taiwan. No customer payment details were accessed or stolen in the attack. 

In addition, hackers were able to access business contact details for employees and franchises in the United States. The compromised restaurant data included seating capacities and size of the play areas. No data belonging to US customers was affected and any exposed employee information did not include any personal or sensitive data.

The fast food chain has not disclosed how many files were exposed or the number of people who were affected by the breach. 

The McDonald’s division in South Korea and Tawain notified regulators in Asia on Friday.

PrivSec Global

Register to PrivSec Global and tune into the ”Phishing, Ransomware Prevention Plans and Staying One Step Ahead of Cybercriminals” talk on June 23 at 1:00pm BST | 2:00pm CEST | 8:00pm HK.

Speakers include:

  • Joel Schwarz, Director, MBL Technologies
  • Claudio Cilli, Ph.D., Professor, University of Rome
  • Andrew Rigney, Director Of Cyber Security Operations, Netjets