Data stolen after ransomware attack on Yum! Brands

News
By
published

Names and license numbers among the sensitive info taken

Ransomware
(Image credit: Pixabay)
  • In a statement, a spokesperson for Yum told TechRadar Pro that “In the course of our forensic review and investigation, we identified some personal information belonging to employees was exposed during the January 2023 cybersecurity incident. We are in the process of sending individual notifications and are offering complimentary monitoring and protection services. We have no indication that customer information was impacted.” The original story continues below.

Despite initial reports to the contrary, it seems that hackers did manage to steal data from Yum! Brands during a recent ransomware attack.

The parent company of KFC, Pizza Hut, and Taco Bell chains started sending out notifications to affected customers explaining what kind of information was stolen during the attack that took place in mid-January this year.

The notifications read: "Our review determined that the exposed files contained some of your personal information, including [Name or other personal identifier in combination with: Driver's License Number or Non-Driver Identification Card Number]." This is plenty of information for threat actors to commit acts of identity theft

No evidence of abuse

In the initial report, the company said there was no evidence of customer data having been taken. But now that this has been confirmed, Yum! brands has amended its claim to say there's no evidence that the stolen data is being actively exploited in the wild.

Read more

> Clop ransomware may have infected even more victims than previously thought

> Saks Fifth Avenue becomes latest Clop ransomware victim

> Check out the best malware protection right now

The ransomware attack that happened on January 18 this year forced the company to shut down up to 300 restaurants in one market for a day, according to Yum! Brands' filing with the U.S. Securities and Exchange Commission (SEC). The shutdown “temporarily disrupted” some of its affected systems and resulted in data theft, it also stated. 

"We have incurred, and may continue to incur, certain expenses related to this attack, including expenses to respond to, remediate and investigate this matter."

"While this incident caused temporary disruption, the company is aware of no other restaurant disruptions and does not expect this event to have a material adverse impact on its business, operations or financial results," it said.

While the company said it notified affected customers and offered identity theft monitoring solutions in compensation, it did not say exactly how many people were affected by the incident.

Via: BleepingComputer

Sead Fadilpašić
Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.