McDonald’s has become the latest company to be hit by a data breach after unauthorised activity on its network exposed the personal data of some customers in South Korea and Taiwan.
McDonald’s Corp said Friday that it quickly identified and contained the incident and that a thorough investigation was done.
“While we were able to close off access quickly after identification, our investigation has determined that a small number of files were accessed, some of which contained personal data,” the burger chain said.
McDonald’s said its investigation determined that only its South Korea and Taiwan branches had customer personal data accessed, and that they would be taking steps to notify regulators and also the customers who may be impacted. No customer payment information was exposed.
McDonald’s said it will look at the investigation’s findings, coupled with input from security resources, to identify ways to further enhance its existing security measures.
Businesses across various sectors are being targeted by cybercriminals, including some very high-profile cases in recent weeks. On Wednesday, JBS SA, the world’s largest meat processing company, revealed that it had paid the equivalent of $11m to hackers who broke into its computer system last month.
And Colonial Pipeline, which transports about half of the fuel consumed on the East Coast of the United States, last month paid a ransom of 75 Bitcoin — then valued at roughly $4.4m — in hopes of getting its system back online. On Monday the US Department of Justice announced that it had recovered most of the ransom payment.