As details begin to emerge of the cyber attack that has affected McDonald's including in the US, South Korea and Taiwan, what is clear is that steps have been taken by the fast food giant to notify regulators due to a data breach and that affected customers and employees will be notified. Although it is reported that this attack did not involve a ransom demand, the implications of a cyber incident goes beyond any business disruption or ransom payment - the data breach implications is often a consequence of such malicious activity. Large organisations continue to be the target of such cyber crime.
McDonald’s said attackers stole customer emails, phone numbers and addresses for delivery customers in South Korea and Taiwan. In Taiwan, hackers also stole employee information including names and contact information, McDonald’s said. The company said the number of files exposed was small without disclosing the number of people affected. The breach didn’t include customer payment information, McDonald’s said.