On January 13, 2023, Yum! Brands suffered a cyberattack that forced the company to take its systems offline closing roughly 300 restaurants in the UK for one day.
Now the company, which owns the KFC, Pizza Hut, and Taco Bell brands, disclosed a data breach and revealed that ransomware actors have stolen personally identifiable information (PII) of an unspecified number of individuals.
The data breach notification letter sent to potentially impacted individuals states that personal information was exposed, including names, driver’s license numbers, Non-Driver Identification Card Number, and other types of personal identifiers.
Yum! Brands pointed out that they have no evidence of identity theft or fraud involving exposed data.
“As we announced publicly in mid-January, Yum! experienced a cybersecurity incident involving unauthorized access to certain of our systems on or around January 13, 2023. Upon discovery, we took steps to lock down impacted systems, notified federal law enforcement authorities, worked with leading digital forensics and restoration teams to investigate and recover from the incident, and deployed enhanced 24/7 detection and monitoring technology.” reads the data breach notification letter. “Our review determined that the exposed files contained some of your personal information.”
The company investigated the security breach with the help of third-party cybersecurity experts, to identify the scope of the incident.
At this time, Yum! Brands has yet to determine the exact number of impacted individuals.
The company is also providing complimentary credit monitoring and identity protection services for two years via IDX.
Please vote for Security Affairs (https://securityaffairs.com/) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS
Vote for me in the sections:
Please nominate Security Affairs as your favorite blog.
Nominate here: https://docs.google.com/forms/d/e/1FAIpQLSfaFMkrMlrLhOBsRPKdv56Y4HgC88Bcji4V7OCxCm_OmyPoLw/viewform
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, Yum! Brands)
U.S. CISA added the Windows Print Spooler flaw CVE-2022-38028 to its Known Exploited Vulnerabilities catalog.…
The U.S. Department of Justice (DoJ) announced the arrest of two co-founders of a cryptocurrency mixer…
Google addressed a critical Chrome vulnerability, tracked as CVE-2024-4058, that resides in the ANGLE graphics…
Nation-state actor UAT4356 has been exploiting two zero-days in ASA and FTD firewalls since November…
A malware campaign has been exploiting the updating mechanism of the eScan antivirus to distribute…
The Treasury Department's Office of Foreign Assets Control (OFAC) sanctioned four Iranian nationals for their…
This website uses cookies.