McDonald which had gone through a similar incident relating to online security, where the company discovered a cross-site scripting (XSS) vulnerability...
McDonald officially discloses a data breach primarily targeting the operations of South Korea and Taiwan. The biggest global burger chain confirmed that its customers & employee's data were compromised upon the preliminary investigation conducted in collaboration with an external security team to identify the unauthorized activities on its internal network.
Soon after the data breach was detected, the infected system was made offline however, "a small number of files were accessed, some of which contained personal data." Even though McDonald affirmed to the US employees that only the business contact details from US employees and franchises were highly affected, which doesn't include any sensitive or personal details of users or employees, especially the payment credentials of the customers, also based on first news reports by WSJ.
Besides, the stolen data also includes names, emails, phone numbers, and customer addresses from South Korea and Taiwan.
"Based on our investigation, only Korea and Taiwan had customer personal data accessed, and they will be taking steps to notify regulators and customers listed in these files," McDonald mentioned in a statement.
The company is also robustly preparing to address the infected data containing the employee personal credentials effectively and currently informing all the concerned departments, including the targeted customer base, to initiate the needfuls in all the impacted markets.
"McDonald’s understands the importance of effective security measures to protect the information, which is why we’ve made substantial investments to implement multiple security tools as part of our in-depth cybersecurity defense. These tools allowed us to identify and contain recent unauthorized activity on our network quickly. A thorough investigation was conducted, and we worked with experienced third parties to support this investigation." — McDonald started.
However, this hasn't been an unprecedented experience, especially for McDonald's, which had gone through a similar incident relating to online security. The company discovered a cross-site scripting (XSS) vulnerability directly affecting the official website and the customer login credentials saved in plain text.
In the recent past, similar to this emerging concerns of a data breach, many other companies were also targeted critically affecting the data at a mass level Electronic Arts (EA), Edward Don, CD Projekt and many more.