On the heels of other high-profile cyberattacks, McDonald's (MCD -0.42%) today said that it has been hit by hackers who stole select customer information as well as some business data, according to a Wall Street Journal report. The systems breach was exposed after the company hired an outside firm to look into unauthorized activity that was discovered on an internal security system.
McDonald's said impacts from the breach were mainly isolated to the U.S., South Korea, and Taiwan. Information including emails, addresses, and phone numbers were stolen from delivery customers in South Korea and Taiwan.
Image source: Getty Images.
The report also cited a company email sent to U.S. employees that said no customer data was taken in the U.S., and employee information that was stolen was not sensitive or critical. It added that for some U.S. employees and franchisees, only business-related contact information was taken. Additionally, data related to restaurants including seating capacity and square footage information was exposed.
In South Korea and Taiwan, no customer payment information was taken, and McDonald's has notified regulators in Asia today about the breach. It plans to contact employees and customers with more details. It also said its divisions in Russia and South Africa would notify some employees, as the investigation flagged possible unauthorized access there.
Unlike recent cyberattacks on a large meat processing company and critical energy pipeline operator, this data breach didn't disrupt operations nor was it a ransomware attack asking for payment.
"McDonald's will leverage the findings from the investigation as well as input from security resources to identify ways to further enhance our existing security measures," the company said.
