- Hackers stole data from McDonald's Corp's MCD systems in markets including the U.S., South Korea, and Taiwan based on an internal security system investigation, the Wall Street Journal reports.
- The breach disclosed some business contact information for U.S. employees and franchisees, including restaurant seating capacity and the square footage of play areas.
- It did not involve any U.S. customer data breach. The employee data exposed wasn't sensitive or personal.
- McDonald's advised employees and franchisees to monitor phishing emails.
- The attackers stole customer emails, phone numbers, and addresses for delivery customers in South Korea and Taiwan.
- Hackers also stole employee information, including names and contact information, in Taiwan. The breach did not include customer payment information.
- The South Korea and Taiwan divisions notified Asian regulators and will contact customers and employees.
- The divisions will also notify some South African and Russian employees regarding possible unauthorized access to their information. The investigation had identified those countries too.
- The restaurant business remained undisrupted by the breach and did not involve a ransomware attack.
- Recently meat company JBS SA had to pay their attackers to regain data and operational control.
- McDonald's said it had cybersecurity investment ramp-up in recent years helped to counter the recent attack. It had cut off hackers' access to data immediately after it identified the breach.
- McDonald's told WSJ it would incorporate the investigation findings and security resources input to beef up its security measures.
- Price action: MCD shares traded higher by 0.98% at $236.90 on the last check Friday.
© 2023 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.