The fast food chain said its investigation determined that only branches in South Korea and Taiwan had access to customers’ personal data.
McDonald’s became the latest business to be hit by a data breach after unauthorized activity on its network exposed the personal data of some customers in South Korea and Taiwan.
McDonald’s Corp said on Friday it quickly identified and contained the incident and that a full investigation was carried out.
“Although we were able to close access quickly after identification, our investigation determined that a small number of files were viewed, some of which contained personal data,” the hamburger chain said.
McDonald’s said its investigation determined that only its branches in South Korea and Taiwan have access to customer personal data and that they will take action to notify regulators as well as customers who may be affected. No customer payment information was exposed.
McDonald’s said it will review the findings of the investigation, as well as contributions from security resources, to identify ways to further improve its existing security measures.
Businesses in various industries have been targeted by cybercriminals, including some high profile cases in recent weeks. On Wednesday, JBS SA, the world’s largest meat processing company, revealed that it had paid the equivalent of $ 11 million to hackers who broke into its computer system last month.
And Colonial Pipeline, which carries roughly half of the fuel consumed on the US East Coast, last month paid a 75 Bitcoin ransom – then valued at around $ 4.4 million – in hopes of recovering its online system. On Monday, the US Department of Justice announced that it had recovered most of the ransom payment.