On January 13, 2023, Yum! Brands suffered a cyberattack that forced the company to take its systems offline closing roughly 300 restaurants in the UK for one day.
Now the company, which owns the KFC, Pizza Hut, and Taco Bell brands, disclosed a data breach and revealed that ransomware actors have stolen personally identifiable information (PII) of an unspecified number of individuals.
The data breach notification letter sent to potentially impacted individuals states that personal information was exposed, including names, driver’s license numbers, Non-Driver Identification Card Number, and other types of personal identifiers.
Yum! Brands pointed out that they have no evidence of identity theft or fraud involving exposed data.
“As we announced publicly in mid-January, Yum! experienced a cybersecurity incident involving unauthorized access to certain of our systems on or around January 13, 2023. Upon discovery, we took steps to lock down impacted systems, notified federal law enforcement authorities, worked with leading digital forensics and restoration teams to investigate and recover from the incident, and deployed enhanced 24/7 detection and monitoring technology.” reads the data breach notification letter. “Our review determined that the exposed files contained some of your personal information.”
The company investigated the security breach with the help of third-party cybersecurity experts, to identify the scope of the incident.
At this time, Yum! Brands has yet to determine the exact number of impacted individuals.
The company is also providing complimentary credit monitoring and identity protection services for two years via IDX.
Please vote for Security Affairs (https://securityaffairs.com/) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS
Vote for me in the sections:
Please nominate Security Affairs as your favorite blog.
Nominate here: https://docs.google.com/forms/d/e/1FAIpQLSfaFMkrMlrLhOBsRPKdv56Y4HgC88Bcji4V7OCxCm_OmyPoLw/viewform
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, Yum! Brands)