Compromised Data Not Yet Used in Fraudulent Activities; Threat Actors Behind Ransomware Attack Still Unknown
According to the data breach notification letter sent by Yum! Brands last Thursday, it was confirmed by the company that the entities behind the January 18 ransomware attack were able to access some customers' private details. These details include the customers' names, driver's license numbers, and ID card number.
As reported by Bleeping Computer, Yum! Brands initially denied that the customers' personal information have been compromised during the recent ransomware attack. Although, the company said that the attackers were able to steal some data from its network.
"We are writing to provide you with information about a cybersecurity incident involving your personal information that occurred in mid-January 2023," Yum! Brands stated in the letter. "Our review determined that the exposed files contained some of your personal information, including [Name or other personal identifier in combination with: Driver's License Number or Non-Driver Identification Card Number]."
Furthermore, Yum! Brands claimed that even though customers' sensitive data had been stolen, the company's investigation found no proof that these data had already been used to commit fraud or identity theft. The latest reports also have not yet identified the group behind the ransomware attack on Yum! Brands, or if there are demands set by the threat actors.
The cyberattack on Yum! Brands led to the temporary closure of around 300 restaurants across the United Kingdom. The company confirmed in the 2022 yearly reports to the U.S. Securities and Exchange Commission that the ransomware attack on January 18 "impacted certain IT systems" which resulted in the data breach and temporary disruption of the company's services.
"We have incurred, and may continue to incur, certain expenses related to this attack, including expenses to respond to, remediate and investigate this matter," Yum! Brands added. The company also gave assurance to its investors that the recent cyberattack will not affect its finances.
Yum! Brands is No Stranger to Cyberattacks
Yum! Brands currently operates 53,000 restaurants in 155 locations across the globe, including 1,000 restaurants in the United Kingdom, according to CPO Magazine. This makes the company vulnerable to cyberattacks as these attempts put millions of customers' private information at risk of being compromised. Unfortunately, Yum! Brands had suffered from these incidents many times in the past.
In 2016, 1.2 million KFC customers in the UK had their account details compromised during a series of online "brute force" attacks. Specifically, the attacks were focused on the Colonel's Club loyalty program that offers rewards to its members. In 2017, Pizza Hut alerted 60,000 individuals for a potential data breach due to a "third-party security intrusion."
Some of the details that might have been accessed by the attackers are the names, addresses, and credit card information of customers.