McDonald's: Difference between revisions
added incidents links and sutff |
Added Sources, removed incidents and lawsuits, added more info on incidents and lawsuits. |
||
| Line 15: | Line 15: | ||
*Security Vulnerabilities | *Security Vulnerabilities | ||
*Holding security risks from public | *Holding security risks from public | ||
*False Advertising | |||
| Line 29: | Line 30: | ||
!McDonald's Japan Malware Attack | !McDonald's Japan Malware Attack | ||
!2006 | !2006 | ||
! | !CREATE THIS OWN ARTICLE | ||
!https://www.spamfighter.com/News-6650-McDonalds-Unwittingly-Distributes-Contaminated-Prizes.htm | !https://www.spamfighter.com/News-6650-McDonalds-Unwittingly-Distributes-Contaminated-Prizes.htm | ||
https://techcrunch.com/2006/10/16/mcdonalds-mp3-players-come-with-malware/ | https://techcrunch.com/2006/10/16/mcdonalds-mp3-players-come-with-malware/ | ||
https://www.youtube.com/watch?v=vV4rxKhiEKo | |||
https://www.theregister.com/2006/10/16/mcd_spyware_mp3_recall/ | |||
|- | |- | ||
| | |McDonald's Customer Database Hack | ||
|2010 | |2010 | ||
| | |McDonald's advertisement partner [[wikipedia:Leo_Burnett_Worldwide#References|Arc Worldwide]], hired an email database management firm Silverpop Systems <ref>{{Cite web |last=Charette |first=Robert |date=2010-12-15 |title=McDonald's Data Breach: Supersized? |url=https://spectrum.ieee.org/mcdonalds-data-breach-supersized |url-status=live |access-date=2026-02-13 |website=IEEE.org}}</ref><ref>{{Cite web |last=Constantin |first=Lucian |date=2010-12-15 |title=Leaks at Walgreens, McDonald's, deviantART and 100 Others Linked to Single Breach |url=https://news.softpedia.com/news/Leaks-at-Walgreens-McDonald-s-deviantART-and-100-Others-Linked-to-Single-Breach-172797.shtml |url-status=live |access-date=2026-02-13 |website=SoftPedia}}</ref> that suffered a massive security breach, resulting in customers email addresses, names, phone numbers, and postal addresses being leaked. <ref>{{Cite web |last=Karp |first=Gregory |date=2010-12-13 |title=Security breaches at three firms expose vulnerability of customer information |url=https://www.latimes.com/archives/la-xpm-2010-dec-13-la-fi-mcdonalds-20101213-story.html |url-status=live |access-date=2026-02-13 |website=Los Angeles Time}}</ref><ref>{{Cite web |date=2010-12-13 |title=Hackers Steal Customer Data from McDonald's Partner Database |url=https://thehackernews.com/2010/12/hackers-steal-mcdonalds-customer-data.html |url-status=live |access-date=2026-02-13 |website=The Hacker News}}</ref><ref>{{Cite web |date=2010-12-13 |title=McDonald’s says customer database hacked |url=https://www.mercurynews.com/2010/12/13/mcdonalds-says-customer-database-hacked/ |url-status=live |access-date=2026-02-13 |website=The Mercury News}}</ref> McDonald's didn't report on the amount of customers affected. | ||
|https:// | |The hacker's have not been caught. | ||
https:// | |||
|- | |||
| | |||
|<ref>{{Cite web |date= | |||
| | |||
|- | |- | ||
|McDonald's Inida Leak | |McDonald's Inida Leak | ||
| Line 51: | Line 50: | ||
|McDonald's South Korea and Taiwan Hack | |McDonald's South Korea and Taiwan Hack | ||
|2021 | |2021 | ||
|McDonald's was hacked in Taiwan, US (though very minimal impact) and South Korea that included customers | |McDonald's was hacked in Taiwan, US (though very minimal impact) and South Korea that included customers emails, phone numbers, and delivery addresses. Details for this lawsuits remain limited, however the company did report of it not being ransomware and collaborating with authorities on the issue. <ref>{{Cite web |last=Lyngaas |first=Sean |date=2021-06-11 |title=McDonald’s discloses hack of customer data in South Korea and Taiwan |url=https://cyberscoop.com/mcdonalds-hack-korea-taiwan-customers/ |url-status=live |access-date=2026-02-02 |website=Cyberscoop}}</ref><ref>{{Cite web |date=2021-06-14 |title=McDonald's Corp suffers data breach |url=https://www.securitymagazine.com/articles/95404-mcdonalds-corp-suffers-data-breach |url-status=live |access-date=2026-02-02 |website=Security Magazine}}</ref><ref>{{Cite web |last=Sabet |first=Keumars |date=2021-06-14 |title=Personal data exposed in McDonald’s data breach |url=https://www.itpro.com/security/data-breaches/359862/personal-data-exposed-in-mcdonalds-data-breach |url-status=live |access-date=2026-02-01 |website=ITpro}}</ref> | ||
|The hacker's have not been caught, as this is still an ongoing issue. | |The hacker's have not been caught, as this is still an ongoing issue. | ||
|- | |- | ||
| Line 61: | Line 60: | ||
|McDonald's India McDelivery Security Vulnerability | |McDonald's India McDelivery Security Vulnerability | ||
|2024 | |2024 | ||
| | |An Security Researcher going by an alias Eaton, discovered an vulnerability that leaked costumers names, email addresses, phone numbers. vehicle numbers, profile pictures, and allowed tracking real-time location of their deliveries.<ref>{{Cite web |date=2024-12-19 |title=I’m Lovin’ It: Exploiting McDonald’s APIs to hijack deliveries and order food for a penny |url=https://eaton-works.com/2024/12/19/mcdelivery-india-hack/ |url-status=live |access-date=2026-02-08 |website=EatonWorks}}</ref><ref>{{Cite web |last=McKinney |first=Derek |date=2024-12-23 |title=McDonalds delivery customers put at risk by possible data breach |url=https://derektmckinney.com/mcdonalds-delivery-customers-put-at-risk-by-possible-data-breach/ |url-status=live |access-date=2026-02-08 |website=derektmckinney}}</ref> | ||
|McDonald's Fixed the issue on August 23. On November 13, through their bounty program, sent Eaton an $240 amazon gift-card. | |McDonald's Fixed the issue on August 23. On November 13, through their bounty program, sent Eaton an $240 amazon gift-card. | ||
|- | |- | ||
| Line 79: | Line 78: | ||
!Aftermath | !Aftermath | ||
|- | |- | ||
|McDonald's | |[[wikipedia:McLibel_case#Judgment|McDonald's Libel trial]] | ||
| | |1997 | ||
| | |McDonald's sued environmental activists Helen Steel and David Morris over a factsheet that contained claims of McDonald's environmental practices, treatment of animals, nutritional information, marketing towards children, and labor practices. The Trial spanned nearly 10 years, resulting in it being the longest trial in British history. | ||
|McDonald's was found | |McDonald's was found liable for false advertising, mistreatment of animals, and liable for some environmental damage. The Court found that several claims were defamatory, rewarding McDonald's £60,000 in damages. | ||
|- | |- | ||
|McDonald's violation of Illinois data protection law | |McDonald's violation of Illinois data protection law | ||
| Line 92: | Line 91: | ||
|2021 | |2021 | ||
|Customers who placed an McDelivery order in South Korea were affected by an data breach that exposes customers’ addresses, phone numbers, and email addresses. <ref>{{Cite web |last=Edwards |first=Jessy |date=2021-10-07 |title=McDelivery Customers Serve McDonald’s Class Action Lawsuit After Data Breach |url=https://topclassactions.com/lawsuit-settlements/privacy/data-breach/mcdelivery-customers-serve-mcdonalds-class-action-lawsuit-after-data-breach/ |url-status=live |access-date=2026-02-05 |website=Top Class Action}}</ref> <ref>{{Cite web |last=Shaak |first=Erin |date=2021-10-07 |title=McDonald’s Hit with Class Action Over April 2021 Data Breach [DISMISSED] |url=https://www.classaction.org/blog/mcdonalds-hit-with-class-action-over-april-2021-data-breach |url-status=live |access-date=2026-02-05 |website=ClassAction}}</ref> | |Customers who placed an McDelivery order in South Korea were affected by an data breach that exposes customers’ addresses, phone numbers, and email addresses. <ref>{{Cite web |last=Edwards |first=Jessy |date=2021-10-07 |title=McDelivery Customers Serve McDonald’s Class Action Lawsuit After Data Breach |url=https://topclassactions.com/lawsuit-settlements/privacy/data-breach/mcdelivery-customers-serve-mcdonalds-class-action-lawsuit-after-data-breach/ |url-status=live |access-date=2026-02-05 |website=Top Class Action}}</ref> <ref>{{Cite web |last=Shaak |first=Erin |date=2021-10-07 |title=McDonald’s Hit with Class Action Over April 2021 Data Breach [DISMISSED] |url=https://www.classaction.org/blog/mcdonalds-hit-with-class-action-over-april-2021-data-breach |url-status=live |access-date=2026-02-05 |website=ClassAction}}</ref> | ||
|Case was dropped, both agreed to cover their own cost, however settlement agreements are unknown. | |Case was dropped, both agreed to cover their own cost, however settlement agreements are unknown. | ||
|- | |- | ||
| | |McDonald's False Advertising of McRib Ingredients | ||
|2025 | |2025 | ||
|On December 23, Mcdonalds | |On December 23, Mcdonalds was sued for the product "McRib" not containing real rib meat. McDonald's responded by saying the product contains boneless pork mixed with barbecue sauce, onions, and pickles. <ref>{{Cite web |last=Cabbagestalk |first=Iesha |date=2026-01-04 |title=McDonald’s Hit With Class Action Lawsuit Over McRib Ingredients |url=https://balleralert.com/profiles/blogs/mcdonalds-sued-over-mcrib-ingredients/ |url-status=live |access-date=2026-02-05 |website=Baller Alert}}</ref> | ||
|https://balleralert.com/profiles/blogs/mcdonalds-sued-over-mcrib-ingredients/ | |Still in progress | ||
|} | |} | ||