Yum! Brands suffers ransomware attack, marking yet another instance of the restaurant sector being targeted in a series of similar cyberattacks

Yum! Brands Suffers Ransomware Attack, Affecting Hundreds of Restaurants

In a disclosure made on Wednesday, global restaurant company Yum! Brands revealed that it had fallen victim to a ransomware attack. The incident, which has been linked to a series of cyberattacks and data breaches affecting the restaurant and food delivery industries, forced the closure of nearly 300 restaurants in the U.K.

The attack on Yum! Brands, which franchises or operates over 53,000 restaurants in 155 countries, saw data stolen from its network. However, customer databases are not confirmed to have been stolen. The company has hired industry-leading cybersecurity and forensics professionals for an investigation and has taken containment measures, including taking certain systems offline and enhancing monitoring technology.

The FBI has warned about criminals launching credential stuffing campaigns against various businesses, including retailers, restaurants, and mobile apps. Rapid7 researchers noted that mobile apps typically allow more login attempts to speed up customer authentication, making them vulnerable to such attacks.

In the aftermath of the attack, Yum! Brands took steps to secure its systems and protect its customers. Affected U.K. restaurants have now reopened and are operational. Chick-fil-A, another restaurant chain, has also advised its customers to take precautions. Chick-fil-A One members are advised to change their passwords if they see any suspicious activity, and to report fraudulent mobile orders or redemption or gift rewards.

McDonald's suffered a similar ransomware attack in recent weeks that led to the temporary closure of nearly 300 restaurants in the UK. No information about whether a ransom was paid or the amount involved has been disclosed by Yum! Brands.

The company is actively working to restore affected systems and expects the process to be completed in the coming days. It is not expected to have a material adverse impact on Yum! Brands' business, operations, or financial results. Chick-fil-A has also advised its customers to verify whether stored payment cards were used to load unauthorized funds onto their accounts, and to report any fraudulent activity on a frequently asked questions page.

As the restaurant industry continues to grapple with the threat of cyberattacks, companies are being urged to strengthen their cybersecurity measures to protect their customers' data and prevent disruptions to their operations.