Yum! Brands, the owner of KFC, Taco Bell and Pizza Hut, discloses data breach

Yum! Brands, the company that owns the KFC, Pizza Hut, and Taco Bell brands, disclosed a data breach after the January ransomware attack.

On January 13, 2023, Yum! Brands suffered a cyberattack that forced the company to take its systems offline closing roughly 300 restaurants in the UK for one day.

Now the company, which owns the KFC, Pizza Hut, and Taco Bell brands, disclosed a data breach and revealed that ransomware actors have stolen personally identifiable information (PII) of an unspecified number of individuals.

The data breach notification letter sent to potentially impacted individuals states that personal information was exposed, including names, driver’s license numbers, Non-Driver Identification Card Number, and other types of personal identifiers.

Yum! Brands pointed out that they have no evidence of identity theft or fraud involving exposed data.

“As we announced publicly in mid-January, Yum! experienced a cybersecurity incident involving unauthorized access to certain of our systems on or around January 13, 2023. Upon discovery, we took steps to lock down impacted systems, notified federal law enforcement authorities, worked with leading digital forensics and restoration teams to investigate and recover from the incident, and deployed enhanced 24/7 detection and monitoring technology.” reads the data breach notification letter. “Our review determined that the exposed files contained some of your personal information.”

The company investigated the security breach with the help of third-party cybersecurity experts, to identify the scope of the incident.

At this time, Yum! Brands has yet to determine the exact number of impacted individuals.

The company is also providing complimentary credit monitoring and identity protection services for two years via IDX.

Please vote for Security Affairs (https://securityaffairs.com/) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS
Vote for me in the sections:

The Teacher – Most Educational Blog
The Entertainer – Most Entertaining Blog
The Tech Whizz – Best Technical Blog
Best Social Media Account to Follow (@securityaffairs)

Please nominate Security Affairs as your favorite blog.

Nominate here: https://docs.google.com/forms/d/e/1FAIpQLSfaFMkrMlrLhOBsRPKdv56Y4HgC88Bcji4V7OCxCm_OmyPoLw/viewform

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Yum! Brands)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.