McDonald's: Difference between revisions

Line 6:

|Logo=McDonald's Golden Arches.svg.webp}}

Founded in May 15, 1940 by Richard and Maurie McDonald, [[wikipedia:McDonald's|McDonald's Corporation]] is an American fast food restaurant chain with a net worth of $230.52 billion and owning 36,500 stores across 100 countries.<ref>{{Cite web |date=2026-01-20 |title=How Many McDonald's Restaurants Are There in the United States? |url=https://www.locationscloud.com/intelligence-reports/mcdonalds-usa/ |url-status=live |access-date=2026-02-05 |website=Locations Cloud}}</ref> Besides food services, McDonald's offers other services and product with their own AI assistant named Olivia, [https://mcdelivery.co.in/bug-bounty bug bounty hunter program] (only in India), McDelivery, the McDonald's App, and its spinoff restaurant [[wikipedia:CosMc's|CosMc's]] (closed on May 23, 2025).

Founded in May 15, 1940 by Richard and Maurie McDonald, [[wikipedia:McDonald's|McDonald's Corporation]] is an American fast food restaurant chain with a net worth of $230.52 billion and owning 36,500 stores across 100 countries.<ref>{{Cite web |date=2026-01-20 |title=How Many McDonald's Restaurants Are There in the United States? |url=https://www.locationscloud.com/intelligence-reports/mcdonalds-usa/ |url-status=live |access-date=2026-02-05 |website=Locations Cloud |archive-url=http://web.archive.org/web/20251129180454/https://www.locationscloud.com/intelligence-reports/mcdonalds-usa/ |archive-date=29 Nov 2025}}</ref> Besides food services, McDonald's offers other services and product with their own AI assistant named Olivia, [https://mcdelivery.co.in/bug-bounty bug bounty hunter program] (only in India), McDelivery, the McDonald's App, and its spinoff restaurant [[wikipedia:CosMc's|CosMc's]] (closed on May 23, 2025).

McDonald's is part of several organizations and partnerships, like the [https://www.sourcewatch.org/index.php?title=National_Restaurant_Association National Restaurant Association], [https://www.sourcewatch.org/index.php?title=International_Franchise_Association International Franchise Association] and [https://corporate.mcdonalds.com/corpmcd/our-stories/article/mcd-google-cloud-announce-partnership.html google cloud partnership.]

Line 35:

|McDonald's Customer Database Hack

|2010

|McDonald's advertisement partner [[wikipedia:Leo_Burnett_Worldwide#References|Arc Worldwide]], hired an email database management firm Silverpop Systems <ref>{{Cite web |last=Charette |first=Robert |date=2010-12-15 |title=McDonald's Data Breach: Supersized? |url=https://spectrum.ieee.org/mcdonalds-data-breach-supersized |url-status=live |access-date=2026-02-13 |website=IEEE.org}}</ref><ref>{{Cite web |last=Constantin |first=Lucian |date=2010-12-15 |title=Leaks at Walgreens, McDonald's, deviantART and 100 Others Linked to Single Breach |url=https://news.softpedia.com/news/Leaks-at-Walgreens-McDonald-s-deviantART-and-100-Others-Linked-to-Single-Breach-172797.shtml |url-status=live |access-date=2026-02-13 |website=SoftPedia}}</ref> that suffered a massive security breach, resulting in customers email addresses, names, phone numbers, and postal addresses being leaked. <ref>{{Cite web |last=Karp |first=Gregory |date=2010-12-13 |title=Security breaches at three firms expose vulnerability of customer information |url=https://www.latimes.com/archives/la-xpm-2010-dec-13-la-fi-mcdonalds-20101213-story.html |url-status=live |access-date=2026-02-13 |website=Los Angeles Time}}</ref><ref>{{Cite web |date=2010-12-13 |title=Hackers Steal Customer Data from McDonald's Partner Database |url=https://thehackernews.com/2010/12/hackers-steal-mcdonalds-customer-data.html |url-status=live |access-date=2026-02-13 |website=The Hacker News}}</ref><ref>{{Cite web |date=2010-12-13 |title=McDonald’s says customer database hacked |url=https://www.mercurynews.com/2010/12/13/mcdonalds-says-customer-database-hacked/ |url-status=live |access-date=2026-02-13 |website=The Mercury News}}</ref> McDonald's didn't report on the amount of customers affected.

|McDonald's advertisement partner [[wikipedia:Leo_Burnett_Worldwide#References|Arc Worldwide]], hired an email database management firm Silverpop Systems <ref>{{Cite web |last=Charette |first=Robert |date=2010-12-15 |title=McDonald's Data Breach: Supersized? |url=https://spectrum.ieee.org/mcdonalds-data-breach-supersized |url-status=live |access-date=2026-02-13 |website=IEEE.org |archive-url=http://web.archive.org/web/20240420080626/https://spectrum.ieee.org/mcdonalds-data-breach-supersized |archive-date=20 Apr 2024}}</ref><ref>{{Cite web |last=Constantin |first=Lucian |date=2010-12-15 |title=Leaks at Walgreens, McDonald's, deviantART and 100 Others Linked to Single Breach |url=https://news.softpedia.com/news/Leaks-at-Walgreens-McDonald-s-deviantART-and-100-Others-Linked-to-Single-Breach-172797.shtml |url-status=live |access-date=2026-02-13 |website=SoftPedia}}</ref> that suffered a massive security breach, resulting in customers email addresses, names, phone numbers, and postal addresses being leaked. <ref>{{Cite web |last=Karp |first=Gregory |date=2010-12-13 |title=Security breaches at three firms expose vulnerability of customer information |url=https://www.latimes.com/archives/la-xpm-2010-dec-13-la-fi-mcdonalds-20101213-story.html |url-status=live |access-date=2026-02-13 |website=Los Angeles Time |archive-url=http://web.archive.org/web/20260213213751/https://www.latimes.com/archives/la-xpm-2010-dec-13-la-fi-mcdonalds-20101213-story.html |archive-date=13 Feb 2026}}</ref><ref>{{Cite web |date=2010-12-13 |title=Hackers Steal Customer Data from McDonald's Partner Database |url=https://thehackernews.com/2010/12/hackers-steal-mcdonalds-customer-data.html |url-status=live |access-date=2026-02-13 |website=The Hacker News |archive-url=http://web.archive.org/web/20260213213751/https://thehackernews.com/2010/12/hackers-steal-mcdonalds-customer-data.html |archive-date=13 Feb 2026}}</ref><ref>{{Cite web |date=2010-12-13 |title=McDonald’s says customer database hacked |url=https://www.mercurynews.com/2010/12/13/mcdonalds-says-customer-database-hacked/ |url-status=live |access-date=2026-02-13 |website=The Mercury News |archive-url=http://web.archive.org/web/20170504172619/http://www.mercurynews.com/2010/12/13/mcdonalds-says-customer-database-hacked/ |archive-date=4 May 2017}}</ref> McDonald's didn't report on the amount of customers affected.

|The hacker's have not been caught.

|-

Line 45:

|McDonald's South Korea and Taiwan Hack

|2021

|McDonald's was hacked in Taiwan, US (though very minimal impact) and South Korea that included customers emails, phone numbers, and delivery addresses. Details for this lawsuits remain limited, however the company did report of it not being ransomware and collaborating with authorities on the issue. <ref>{{Cite web |last=Lyngaas |first=Sean |date=2021-06-11 |title=McDonald’s discloses hack of customer data in South Korea and Taiwan |url=https://cyberscoop.com/mcdonalds-hack-korea-taiwan-customers/ |url-status=live |access-date=2026-02-02 |website=Cyberscoop}}</ref><ref>{{Cite web |date=2021-06-14 |title=McDonald's Corp suffers data breach |url=https://www.securitymagazine.com/articles/95404-mcdonalds-corp-suffers-data-breach |url-status=live |access-date=2026-02-02 |website=Security Magazine}}</ref><ref>{{Cite web |last=Sabet |first=Keumars |date=2021-06-14 |title=Personal data exposed in McDonald’s data breach |url=https://www.itpro.com/security/data-breaches/359862/personal-data-exposed-in-mcdonalds-data-breach |url-status=live |access-date=2026-02-01 |website=ITpro}}</ref>

|McDonald's was hacked in Taiwan, US (though very minimal impact) and South Korea that included customers emails, phone numbers, and delivery addresses. Details for this lawsuits remain limited, however the company did report of it not being ransomware and collaborating with authorities on the issue. <ref>{{Cite web |last=Lyngaas |first=Sean |date=2021-06-11 |title=McDonald’s discloses hack of customer data in South Korea and Taiwan |url=https://cyberscoop.com/mcdonalds-hack-korea-taiwan-customers/ |url-status=live |access-date=2026-02-02 |website=Cyberscoop |archive-url=http://web.archive.org/web/20251014202640/https://cyberscoop.com/mcdonalds-hack-korea-taiwan-customers/ |archive-date=14 Oct 2025}}</ref><ref>{{Cite web |date=2021-06-14 |title=McDonald's Corp suffers data breach |url=https://www.securitymagazine.com/articles/95404-mcdonalds-corp-suffers-data-breach |url-status=live |access-date=2026-02-02 |website=Security Magazine |archive-url=http://web.archive.org/web/20251112104952/https://www.securitymagazine.com/articles/95404-mcdonalds-corp-suffers-data-breach |archive-date=12 Nov 2025}}</ref><ref>{{Cite web |last=Sabet |first=Keumars |date=2021-06-14 |title=Personal data exposed in McDonald’s data breach |url=https://www.itpro.com/security/data-breaches/359862/personal-data-exposed-in-mcdonalds-data-breach |url-status=live |access-date=2026-02-01 |website=ITpro |archive-url=http://web.archive.org/web/20250428054719/https://www.itpro.com/security/data-breaches/359862/personal-data-exposed-in-mcdonalds-data-breach |archive-date=28 Apr 2025}}</ref>

|The hacker's have not been caught, as this is still an ongoing issue.

|-

|McDonald's fined for storing customer's data

|2023

|Hackers access personal data of 4.87 million customers due to McDonald's containing backup files of customers and not removing files after data retention period expired. <ref>{{Cite web |date=2026-02-05 |title=McDonald’s Korea fined $540k over data breach |url=https://qsrmedia.asia/legal/news/mcdonalds-korea-fined-540k-over-data-breach |url-status=live |access-date=2026-02-05 |website=QSR Media Asia}}</ref><ref>{{Cite web |date=2023-05-22 |title=McDonald's Korea fined 696 million won for breach of customers' personal data |url=https://koreajoongangdaily.joins.com/2023/03/22/business/industry/McDonalds-McDonalds-Korea-personal-information/20230322173615661.html |url-status=live |access-date=2026-02-05 |website=Korea JoonAng Daily}}</ref>

|Hackers access personal data of 4.87 million customers due to McDonald's containing backup files of customers and not removing files after data retention period expired. <ref>{{Cite web |date=2026-02-05 |title=McDonald’s Korea fined $540k over data breach |url=https://qsrmedia.asia/legal/news/mcdonalds-korea-fined-540k-over-data-breach |url-status=live |access-date=2026-02-05 |website=QSR Media Asia |archive-url=http://web.archive.org/web/20240530024741/https://qsrmedia.asia/legal/news/mcdonalds-korea-fined-540k-over-data-breach |archive-date=30 May 2024}}</ref><ref>{{Cite web |date=2023-05-22 |title=McDonald's Korea fined 696 million won for breach of customers' personal data |url=https://koreajoongangdaily.joins.com/2023/03/22/business/industry/McDonalds-McDonalds-Korea-personal-information/20230322173615661.html |url-status=live |access-date=2026-02-05 |website=Korea JoonAng Daily |archive-url=http://web.archive.org/web/20251006020216/https://koreajoongangdaily.joins.com/2023/03/22/business/industry/McDonalds-McDonalds-Korea-personal-information/20230322173615661.html |archive-date=6 Oct 2025}}</ref>

|McDonald's was fined 696 million wan ($532,110 )

|-

|McDonald's India McDelivery Security Vulnerability

|2024

|An Security Researcher going by an alias Eaton, discovered an vulnerability that leaked costumers names, email addresses, phone numbers. vehicle numbers, profile pictures, and allowed tracking real-time location of their deliveries.<ref>{{Cite web |date=2024-12-19 |title=I’m Lovin’ It: Exploiting McDonald’s APIs to hijack deliveries and order food for a penny |url=https://eaton-works.com/2024/12/19/mcdelivery-india-hack/ |url-status=live |access-date=2026-02-08 |website=EatonWorks}}</ref><ref>{{Cite web |last=McKinney |first=Derek |date=2024-12-23 |title=McDonalds delivery customers put at risk by possible data breach |url=https://derektmckinney.com/mcdonalds-delivery-customers-put-at-risk-by-possible-data-breach/ |url-status=live |access-date=2026-02-08 |website=derektmckinney}}</ref>

|An Security Researcher going by an alias Eaton, discovered an vulnerability that leaked costumers names, email addresses, phone numbers. vehicle numbers, profile pictures, and allowed tracking real-time location of their deliveries.<ref>{{Cite web |date=2024-12-19 |title=I’m Lovin’ It: Exploiting McDonald’s APIs to hijack deliveries and order food for a penny |url=https://eaton-works.com/2024/12/19/mcdelivery-india-hack/ |url-status=live |access-date=2026-02-08 |website=EatonWorks |archive-url=http://web.archive.org/web/20251107083737/https://eaton-works.com/2024/12/19/mcdelivery-india-hack/ |archive-date=7 Nov 2025}}</ref><ref>{{Cite web |last=McKinney |first=Derek |date=2024-12-23 |title=McDonalds delivery customers put at risk by possible data breach |url=https://derektmckinney.com/mcdonalds-delivery-customers-put-at-risk-by-possible-data-breach/ |url-status=live |access-date=2026-02-08 |website=derektmckinney |archive-url=http://web.archive.org/web/20250915151853/https://derektmckinney.com/mcdonalds-delivery-customers-put-at-risk-by-possible-data-breach/ |archive-date=15 Sep 2025}}</ref>

|McDonald's Fixed the issue on August 23. On November 13, through their bounty program, sent Eaton an $240 amazon gift-card.

|}

Line 76:

|McDonald's violation of Illinois data protection law

|2021

|On July 20. Carpenter filled a class action lawsuit against McDonald's for collection of customers voice prints without prior consent. McDonald's attempted to dismiss the claim, arguing any voice data collected didn't meet criteria for an voiceprint because it doesn't identify an individual, however the dismissal was denied. <ref>{{Cite web |last=Blakey |first=John |date=2021-05-28 |title=Carpenter v. McDonald's Corporation (1:21-cv-02906) |url=https://www.courtlistener.com/docket/59950073/carpenter-v-mcdonalds-corporation/ |url-status=live |access-date=2026-02-05 |website=Court Listener}}</ref><ref>{{Cite web |date=2023-03-23 |title=McDonald’s seeks ban to forbid confidential consumer information disclosure in voice data lawsuit |url=https://pogowasright.org/mcdonalds-seeks-ban-to-forbid-confidential-consumer-information-disclosure-in-voice-data-lawsuit/ |url-status=live |access-date=2026-02-05 |website=PogowasRight}}</ref>

|On July 20. Carpenter filled a class action lawsuit against McDonald's for collection of customers voice prints without prior consent. McDonald's attempted to dismiss the claim, arguing any voice data collected didn't meet criteria for an voiceprint because it doesn't identify an individual, however the dismissal was denied. <ref>{{Cite web |last=Blakey |first=John |date=2021-05-28 |title=Carpenter v. McDonald's Corporation (1:21-cv-02906) |url=https://www.courtlistener.com/docket/59950073/carpenter-v-mcdonalds-corporation/ |url-status=live |access-date=2026-02-05 |website=Court Listener |archive-url=http://web.archive.org/web/20240714095842/https://www.courtlistener.com/docket/59950073/carpenter-v-mcdonalds-corporation/ |archive-date=14 Jul 2024}}</ref><ref>{{Cite web |date=2023-03-23 |title=McDonald’s seeks ban to forbid confidential consumer information disclosure in voice data lawsuit |url=https://pogowasright.org/mcdonalds-seeks-ban-to-forbid-confidential-consumer-information-disclosure-in-voice-data-lawsuit/ |url-status=live |access-date=2026-02-05 |website=PogowasRight |archive-url=http://web.archive.org/web/20240229213943/https://www.pogowasright.org/mcdonalds-seeks-ban-to-forbid-confidential-consumer-information-disclosure-in-voice-data-lawsuit/ |archive-date=29 Feb 2024}}</ref>

|Still in progress

|-

|McDelivery orders Data Breach in South Korea

|2021

|Customers who placed an McDelivery order in South Korea were affected by an data breach that exposes customers’ addresses, phone numbers, and email addresses. <ref>{{Cite web |last=Edwards |first=Jessy |date=2021-10-07 |title=McDelivery Customers Serve McDonald’s Class Action Lawsuit After Data Breach |url=https://topclassactions.com/lawsuit-settlements/privacy/data-breach/mcdelivery-customers-serve-mcdonalds-class-action-lawsuit-after-data-breach/ |url-status=live |access-date=2026-02-05 |website=Top Class Action}}</ref> <ref>{{Cite web |last=Shaak |first=Erin |date=2021-10-07 |title=McDonald’s Hit with Class Action Over April 2021 Data Breach [DISMISSED] |url=https://www.classaction.org/blog/mcdonalds-hit-with-class-action-over-april-2021-data-breach |url-status=live |access-date=2026-02-05 |website=ClassAction}}</ref>

|Customers who placed an McDelivery order in South Korea were affected by an data breach that exposes customers’ addresses, phone numbers, and email addresses. <ref>{{Cite web |last=Edwards |first=Jessy |date=2021-10-07 |title=McDelivery Customers Serve McDonald’s Class Action Lawsuit After Data Breach |url=https://topclassactions.com/lawsuit-settlements/privacy/data-breach/mcdelivery-customers-serve-mcdonalds-class-action-lawsuit-after-data-breach/ |url-status=live |access-date=2026-02-05 |website=Top Class Action |archive-url=http://web.archive.org/web/20231010122451/https://topclassactions.com/lawsuit-settlements/privacy/data-breach/mcdelivery-customers-serve-mcdonalds-class-action-lawsuit-after-data-breach/ |archive-date=10 Oct 2023}}</ref> <ref>{{Cite web |last=Shaak |first=Erin |date=2021-10-07 |title=McDonald’s Hit with Class Action Over April 2021 Data Breach [DISMISSED] |url=https://www.classaction.org/blog/mcdonalds-hit-with-class-action-over-april-2021-data-breach |url-status=live |access-date=2026-02-05 |website=ClassAction |archive-url=http://web.archive.org/web/20250426173534/https://www.classaction.org/blog/mcdonalds-hit-with-class-action-over-april-2021-data-breach |archive-date=26 Apr 2025}}</ref>

|Case was dropped, both agreed to cover their own cost, however settlement agreements are unknown.

|-

|McDonald's False Advertising of McRib Ingredients

|2025

|On December 23, Mcdonalds was sued for the product "McRib" not containing real rib meat. McDonald's responded by saying the product contains boneless pork mixed with barbecue sauce, onions, and pickles. <ref>{{Cite web |last=Cabbagestalk |first=Iesha |date=2026-01-04 |title=McDonald’s Hit With Class Action Lawsuit Over McRib Ingredients |url=https://balleralert.com/profiles/blogs/mcdonalds-sued-over-mcrib-ingredients/ |url-status=live |access-date=2026-02-05 |website=Baller Alert}}</ref>

|On December 23, Mcdonalds was sued for the product "McRib" not containing real rib meat. McDonald's responded by saying the product contains boneless pork mixed with barbecue sauce, onions, and pickles. <ref>{{Cite web |last=Cabbagestalk |first=Iesha |date=2026-01-04 |title=McDonald’s Hit With Class Action Lawsuit Over McRib Ingredients |url=https://balleralert.com/profiles/blogs/mcdonalds-sued-over-mcrib-ingredients/ |url-status=live |access-date=2026-02-05 |website=Baller Alert |archive-url=http://web.archive.org/web/20260105021756/https://balleralert.com/profiles/blogs/mcdonalds-sued-over-mcrib-ingredients/ |archive-date=5 Jan 2026}}</ref>

|Still in progress

|}

@@ Line 6: / Line 6: @@
 |Logo=McDonald's Golden Arches.svg.webp}}
-Founded in May 15, 1940 by Richard and Maurie McDonald, [[wikipedia:McDonald's|McDonald's Corporation]] is an American fast food restaurant chain with a net worth of $230.52 billion and owning 36,500 stores across 100 countries.<ref>{{Cite web |date=2026-01-20 |title=How Many McDonald's Restaurants Are There in the United States? |url=https://www.locationscloud.com/intelligence-reports/mcdonalds-usa/ |url-status=live |access-date=2026-02-05 |website=Locations Cloud}}</ref> Besides food services, McDonald's offers other services and product with their own AI assistant named Olivia, [https://mcdelivery.co.in/bug-bounty bug bounty hunter program] (only in India), McDelivery, the McDonald's App, and its spinoff restaurant [[wikipedia:CosMc's|CosMc's]] (closed on May 23, 2025).
+Founded in May 15, 1940 by Richard and Maurie McDonald, [[wikipedia:McDonald's|McDonald's Corporation]] is an American fast food restaurant chain with a net worth of $230.52 billion and owning 36,500 stores across 100 countries.<ref>{{Cite web |date=2026-01-20 |title=How Many McDonald's Restaurants Are There in the United States? |url=https://www.locationscloud.com/intelligence-reports/mcdonalds-usa/ |url-status=live |access-date=2026-02-05 |website=Locations Cloud |archive-url=http://web.archive.org/web/20251129180454/https://www.locationscloud.com/intelligence-reports/mcdonalds-usa/ |archive-date=29 Nov 2025}}</ref> Besides food services, McDonald's offers other services and product with their own AI assistant named Olivia, [https://mcdelivery.co.in/bug-bounty bug bounty hunter program] (only in India), McDelivery, the McDonald's App, and its spinoff restaurant [[wikipedia:CosMc's|CosMc's]] (closed on May 23, 2025).
 McDonald's is part of several organizations and partnerships, like the [https://www.sourcewatch.org/index.php?title=National_Restaurant_Association National Restaurant Association], [https://www.sourcewatch.org/index.php?title=International_Franchise_Association International Franchise Association]  and [https://corporate.mcdonalds.com/corpmcd/our-stories/article/mcd-google-cloud-announce-partnership.html google cloud partnership.]
@@ Line 35: / Line 35: @@
 |McDonald's Customer Database Hack
 |2010
-|McDonald's advertisement partner [[wikipedia:Leo_Burnett_Worldwide#References|Arc Worldwide]], hired an email database management firm Silverpop Systems <ref>{{Cite web |last=Charette |first=Robert |date=2010-12-15 |title=McDonald's Data Breach: Supersized? |url=https://spectrum.ieee.org/mcdonalds-data-breach-supersized |url-status=live |access-date=2026-02-13 |website=IEEE.org}}</ref><ref>{{Cite web |last=Constantin |first=Lucian |date=2010-12-15 |title=Leaks at Walgreens, McDonald's, deviantART and 100 Others Linked to Single Breach |url=https://news.softpedia.com/news/Leaks-at-Walgreens-McDonald-s-deviantART-and-100-Others-Linked-to-Single-Breach-172797.shtml |url-status=live |access-date=2026-02-13 |website=SoftPedia}}</ref> that suffered a massive security breach, resulting in customers email addresses, names, phone numbers, and postal addresses being leaked. <ref>{{Cite web |last=Karp |first=Gregory |date=2010-12-13 |title=Security breaches at three firms expose vulnerability of customer information |url=https://www.latimes.com/archives/la-xpm-2010-dec-13-la-fi-mcdonalds-20101213-story.html |url-status=live |access-date=2026-02-13 |website=Los Angeles Time}}</ref><ref>{{Cite web |date=2010-12-13 |title=Hackers Steal Customer Data from McDonald's Partner Database |url=https://thehackernews.com/2010/12/hackers-steal-mcdonalds-customer-data.html |url-status=live |access-date=2026-02-13 |website=The Hacker News}}</ref><ref>{{Cite web |date=2010-12-13 |title=McDonald’s says customer database hacked |url=https://www.mercurynews.com/2010/12/13/mcdonalds-says-customer-database-hacked/ |url-status=live |access-date=2026-02-13 |website=The Mercury News}}</ref> McDonald's didn't report on the amount of customers affected.
+|McDonald's advertisement partner [[wikipedia:Leo_Burnett_Worldwide#References|Arc Worldwide]], hired an email database management firm Silverpop Systems <ref>{{Cite web |last=Charette |first=Robert |date=2010-12-15 |title=McDonald's Data Breach: Supersized? |url=https://spectrum.ieee.org/mcdonalds-data-breach-supersized |url-status=live |access-date=2026-02-13 |website=IEEE.org |archive-url=http://web.archive.org/web/20240420080626/https://spectrum.ieee.org/mcdonalds-data-breach-supersized |archive-date=20 Apr 2024}}</ref><ref>{{Cite web |last=Constantin |first=Lucian |date=2010-12-15 |title=Leaks at Walgreens, McDonald's, deviantART and 100 Others Linked to Single Breach |url=https://news.softpedia.com/news/Leaks-at-Walgreens-McDonald-s-deviantART-and-100-Others-Linked-to-Single-Breach-172797.shtml |url-status=live |access-date=2026-02-13 |website=SoftPedia}}</ref> that suffered a massive security breach, resulting in customers email addresses, names, phone numbers, and postal addresses being leaked. <ref>{{Cite web |last=Karp |first=Gregory |date=2010-12-13 |title=Security breaches at three firms expose vulnerability of customer information |url=https://www.latimes.com/archives/la-xpm-2010-dec-13-la-fi-mcdonalds-20101213-story.html |url-status=live |access-date=2026-02-13 |website=Los Angeles Time |archive-url=http://web.archive.org/web/20260213213751/https://www.latimes.com/archives/la-xpm-2010-dec-13-la-fi-mcdonalds-20101213-story.html |archive-date=13 Feb 2026}}</ref><ref>{{Cite web |date=2010-12-13 |title=Hackers Steal Customer Data from McDonald's Partner Database |url=https://thehackernews.com/2010/12/hackers-steal-mcdonalds-customer-data.html |url-status=live |access-date=2026-02-13 |website=The Hacker News |archive-url=http://web.archive.org/web/20260213213751/https://thehackernews.com/2010/12/hackers-steal-mcdonalds-customer-data.html |archive-date=13 Feb 2026}}</ref><ref>{{Cite web |date=2010-12-13 |title=McDonald’s says customer database hacked |url=https://www.mercurynews.com/2010/12/13/mcdonalds-says-customer-database-hacked/ |url-status=live |access-date=2026-02-13 |website=The Mercury News |archive-url=http://web.archive.org/web/20170504172619/http://www.mercurynews.com/2010/12/13/mcdonalds-says-customer-database-hacked/ |archive-date=4 May 2017}}</ref> McDonald's didn't report on the amount of customers affected.
 |The hacker's have not been caught.
 |-
@@ Line 45: / Line 45: @@
 |McDonald's South Korea and Taiwan Hack
 |2021
-|McDonald's was hacked in Taiwan, US (though very minimal impact) and South Korea that included customers emails, phone numbers, and delivery addresses. Details for this lawsuits remain limited, however the company did report of it not being ransomware and collaborating with authorities on the issue. <ref>{{Cite web |last=Lyngaas |first=Sean |date=2021-06-11 |title=McDonald’s discloses hack of customer data in South Korea and Taiwan |url=https://cyberscoop.com/mcdonalds-hack-korea-taiwan-customers/ |url-status=live |access-date=2026-02-02 |website=Cyberscoop}}</ref><ref>{{Cite web |date=2021-06-14 |title=McDonald's Corp suffers data breach |url=https://www.securitymagazine.com/articles/95404-mcdonalds-corp-suffers-data-breach |url-status=live |access-date=2026-02-02 |website=Security Magazine}}</ref><ref>{{Cite web |last=Sabet |first=Keumars |date=2021-06-14 |title=Personal data exposed in McDonald’s data breach |url=https://www.itpro.com/security/data-breaches/359862/personal-data-exposed-in-mcdonalds-data-breach |url-status=live |access-date=2026-02-01 |website=ITpro}}</ref>
+|McDonald's was hacked in Taiwan, US (though very minimal impact) and South Korea that included customers emails, phone numbers, and delivery addresses. Details for this lawsuits remain limited, however the company did report of it not being ransomware and collaborating with authorities on the issue. <ref>{{Cite web |last=Lyngaas |first=Sean |date=2021-06-11 |title=McDonald’s discloses hack of customer data in South Korea and Taiwan |url=https://cyberscoop.com/mcdonalds-hack-korea-taiwan-customers/ |url-status=live |access-date=2026-02-02 |website=Cyberscoop |archive-url=http://web.archive.org/web/20251014202640/https://cyberscoop.com/mcdonalds-hack-korea-taiwan-customers/ |archive-date=14 Oct 2025}}</ref><ref>{{Cite web |date=2021-06-14 |title=McDonald's Corp suffers data breach |url=https://www.securitymagazine.com/articles/95404-mcdonalds-corp-suffers-data-breach |url-status=live |access-date=2026-02-02 |website=Security Magazine |archive-url=http://web.archive.org/web/20251112104952/https://www.securitymagazine.com/articles/95404-mcdonalds-corp-suffers-data-breach |archive-date=12 Nov 2025}}</ref><ref>{{Cite web |last=Sabet |first=Keumars |date=2021-06-14 |title=Personal data exposed in McDonald’s data breach |url=https://www.itpro.com/security/data-breaches/359862/personal-data-exposed-in-mcdonalds-data-breach |url-status=live |access-date=2026-02-01 |website=ITpro |archive-url=http://web.archive.org/web/20250428054719/https://www.itpro.com/security/data-breaches/359862/personal-data-exposed-in-mcdonalds-data-breach |archive-date=28 Apr 2025}}</ref>
 |The hacker's have not been caught, as this is still an ongoing issue.
 |-
 |McDonald's fined for storing customer's data
 |2023
-|Hackers access personal data of 4.87 million customers  due to McDonald's containing backup files of customers and not removing files after data retention period expired. <ref>{{Cite web |date=2026-02-05 |title=McDonald’s Korea fined $540k over data breach |url=https://qsrmedia.asia/legal/news/mcdonalds-korea-fined-540k-over-data-breach |url-status=live |access-date=2026-02-05 |website=QSR Media Asia}}</ref><ref>{{Cite web |date=2023-05-22 |title=McDonald's Korea fined 696 million won for breach of customers' personal data |url=https://koreajoongangdaily.joins.com/2023/03/22/business/industry/McDonalds-McDonalds-Korea-personal-information/20230322173615661.html |url-status=live |access-date=2026-02-05 |website=Korea JoonAng Daily}}</ref>
+|Hackers access personal data of 4.87 million customers  due to McDonald's containing backup files of customers and not removing files after data retention period expired. <ref>{{Cite web |date=2026-02-05 |title=McDonald’s Korea fined $540k over data breach |url=https://qsrmedia.asia/legal/news/mcdonalds-korea-fined-540k-over-data-breach |url-status=live |access-date=2026-02-05 |website=QSR Media Asia |archive-url=http://web.archive.org/web/20240530024741/https://qsrmedia.asia/legal/news/mcdonalds-korea-fined-540k-over-data-breach |archive-date=30 May 2024}}</ref><ref>{{Cite web |date=2023-05-22 |title=McDonald's Korea fined 696 million won for breach of customers' personal data |url=https://koreajoongangdaily.joins.com/2023/03/22/business/industry/McDonalds-McDonalds-Korea-personal-information/20230322173615661.html |url-status=live |access-date=2026-02-05 |website=Korea JoonAng Daily |archive-url=http://web.archive.org/web/20251006020216/https://koreajoongangdaily.joins.com/2023/03/22/business/industry/McDonalds-McDonalds-Korea-personal-information/20230322173615661.html |archive-date=6 Oct 2025}}</ref>
 |McDonald's was fined 696 million wan ($532,110 )
 |-
 |McDonald's India McDelivery Security Vulnerability
 |2024
-|An Security Researcher going by an alias Eaton, discovered an vulnerability that leaked costumers names, email addresses, phone numbers. vehicle numbers, profile pictures, and  allowed tracking real-time location of their deliveries.<ref>{{Cite web |date=2024-12-19 |title=I’m Lovin’ It: Exploiting McDonald’s APIs to hijack deliveries and order food for a penny |url=https://eaton-works.com/2024/12/19/mcdelivery-india-hack/ |url-status=live |access-date=2026-02-08 |website=EatonWorks}}</ref><ref>{{Cite web |last=McKinney |first=Derek |date=2024-12-23 |title=McDonalds delivery customers put at risk by possible data breach |url=https://derektmckinney.com/mcdonalds-delivery-customers-put-at-risk-by-possible-data-breach/ |url-status=live |access-date=2026-02-08 |website=derektmckinney}}</ref>
+|An Security Researcher going by an alias Eaton, discovered an vulnerability that leaked costumers names, email addresses, phone numbers. vehicle numbers, profile pictures, and  allowed tracking real-time location of their deliveries.<ref>{{Cite web |date=2024-12-19 |title=I’m Lovin’ It: Exploiting McDonald’s APIs to hijack deliveries and order food for a penny |url=https://eaton-works.com/2024/12/19/mcdelivery-india-hack/ |url-status=live |access-date=2026-02-08 |website=EatonWorks |archive-url=http://web.archive.org/web/20251107083737/https://eaton-works.com/2024/12/19/mcdelivery-india-hack/ |archive-date=7 Nov 2025}}</ref><ref>{{Cite web |last=McKinney |first=Derek |date=2024-12-23 |title=McDonalds delivery customers put at risk by possible data breach |url=https://derektmckinney.com/mcdonalds-delivery-customers-put-at-risk-by-possible-data-breach/ |url-status=live |access-date=2026-02-08 |website=derektmckinney |archive-url=http://web.archive.org/web/20250915151853/https://derektmckinney.com/mcdonalds-delivery-customers-put-at-risk-by-possible-data-breach/ |archive-date=15 Sep 2025}}</ref>
 |McDonald's Fixed the issue on August 23. On November 13, through their bounty program, sent Eaton an $240 amazon gift-card.
 |}
@@ Line 76: / Line 76: @@
 |McDonald's violation of Illinois data protection law
 |2021
-|On July 20. Carpenter filled a class action lawsuit against McDonald's for collection of customers voice prints without prior consent. McDonald's attempted to dismiss the claim, arguing any voice data collected didn't meet criteria for an voiceprint because it doesn't identify an individual, however the dismissal was denied. <ref>{{Cite web |last=Blakey |first=John |date=2021-05-28 |title=Carpenter v. McDonald's Corporation (1:21-cv-02906) |url=https://www.courtlistener.com/docket/59950073/carpenter-v-mcdonalds-corporation/ |url-status=live |access-date=2026-02-05 |website=Court Listener}}</ref><ref>{{Cite web |date=2023-03-23 |title=McDonald’s seeks ban to forbid confidential consumer information disclosure in voice data lawsuit |url=https://pogowasright.org/mcdonalds-seeks-ban-to-forbid-confidential-consumer-information-disclosure-in-voice-data-lawsuit/ |url-status=live |access-date=2026-02-05 |website=PogowasRight}}</ref>
+|On July 20. Carpenter filled a class action lawsuit against McDonald's for collection of customers voice prints without prior consent. McDonald's attempted to dismiss the claim, arguing any voice data collected didn't meet criteria for an voiceprint because it doesn't identify an individual, however the dismissal was denied. <ref>{{Cite web |last=Blakey |first=John |date=2021-05-28 |title=Carpenter v. McDonald's Corporation (1:21-cv-02906) |url=https://www.courtlistener.com/docket/59950073/carpenter-v-mcdonalds-corporation/ |url-status=live |access-date=2026-02-05 |website=Court Listener |archive-url=http://web.archive.org/web/20240714095842/https://www.courtlistener.com/docket/59950073/carpenter-v-mcdonalds-corporation/ |archive-date=14 Jul 2024}}</ref><ref>{{Cite web |date=2023-03-23 |title=McDonald’s seeks ban to forbid confidential consumer information disclosure in voice data lawsuit |url=https://pogowasright.org/mcdonalds-seeks-ban-to-forbid-confidential-consumer-information-disclosure-in-voice-data-lawsuit/ |url-status=live |access-date=2026-02-05 |website=PogowasRight |archive-url=http://web.archive.org/web/20240229213943/https://www.pogowasright.org/mcdonalds-seeks-ban-to-forbid-confidential-consumer-information-disclosure-in-voice-data-lawsuit/ |archive-date=29 Feb 2024}}</ref>
 |Still in  progress
 |-
 |McDelivery orders Data Breach in South Korea
 |2021
-|Customers who placed an McDelivery order in South Korea were affected by an data breach that exposes customers’ addresses, phone numbers, and email addresses. <ref>{{Cite web |last=Edwards |first=Jessy |date=2021-10-07 |title=McDelivery Customers Serve McDonald’s Class Action Lawsuit After Data Breach |url=https://topclassactions.com/lawsuit-settlements/privacy/data-breach/mcdelivery-customers-serve-mcdonalds-class-action-lawsuit-after-data-breach/ |url-status=live |access-date=2026-02-05 |website=Top Class Action}}</ref> <ref>{{Cite web |last=Shaak |first=Erin |date=2021-10-07 |title=McDonald’s Hit with Class Action Over April 2021 Data Breach [DISMISSED] |url=https://www.classaction.org/blog/mcdonalds-hit-with-class-action-over-april-2021-data-breach |url-status=live |access-date=2026-02-05 |website=ClassAction}}</ref>
+|Customers who placed an McDelivery order in South Korea were affected by an data breach that exposes customers’ addresses, phone numbers, and email addresses. <ref>{{Cite web |last=Edwards |first=Jessy |date=2021-10-07 |title=McDelivery Customers Serve McDonald’s Class Action Lawsuit After Data Breach |url=https://topclassactions.com/lawsuit-settlements/privacy/data-breach/mcdelivery-customers-serve-mcdonalds-class-action-lawsuit-after-data-breach/ |url-status=live |access-date=2026-02-05 |website=Top Class Action |archive-url=http://web.archive.org/web/20231010122451/https://topclassactions.com/lawsuit-settlements/privacy/data-breach/mcdelivery-customers-serve-mcdonalds-class-action-lawsuit-after-data-breach/ |archive-date=10 Oct 2023}}</ref> <ref>{{Cite web |last=Shaak |first=Erin |date=2021-10-07 |title=McDonald’s Hit with Class Action Over April 2021 Data Breach [DISMISSED] |url=https://www.classaction.org/blog/mcdonalds-hit-with-class-action-over-april-2021-data-breach |url-status=live |access-date=2026-02-05 |website=ClassAction |archive-url=http://web.archive.org/web/20250426173534/https://www.classaction.org/blog/mcdonalds-hit-with-class-action-over-april-2021-data-breach |archive-date=26 Apr 2025}}</ref>
 |Case was dropped, both agreed to cover their own cost, however settlement agreements are unknown.
 |-
 |McDonald's False Advertising of McRib Ingredients
 |2025
-|On December 23, Mcdonalds was sued for the product "McRib" not containing  real rib meat. McDonald's responded by saying the product contains boneless pork mixed with barbecue sauce, onions, and pickles. <ref>{{Cite web |last=Cabbagestalk |first=Iesha |date=2026-01-04 |title=McDonald’s Hit With Class Action Lawsuit Over McRib Ingredients |url=https://balleralert.com/profiles/blogs/mcdonalds-sued-over-mcrib-ingredients/ |url-status=live |access-date=2026-02-05 |website=Baller Alert}}</ref>
+|On December 23, Mcdonalds was sued for the product "McRib" not containing  real rib meat. McDonald's responded by saying the product contains boneless pork mixed with barbecue sauce, onions, and pickles. <ref>{{Cite web |last=Cabbagestalk |first=Iesha |date=2026-01-04 |title=McDonald’s Hit With Class Action Lawsuit Over McRib Ingredients |url=https://balleralert.com/profiles/blogs/mcdonalds-sued-over-mcrib-ingredients/ |url-status=live |access-date=2026-02-05 |website=Baller Alert |archive-url=http://web.archive.org/web/20260105021756/https://balleralert.com/profiles/blogs/mcdonalds-sued-over-mcrib-ingredients/ |archive-date=5 Jan 2026}}</ref>
 |Still in progress
 |}