McDonald's 2017 India Leak: Difference between revisions

Line 8:

|Type=Privacy, Security

|Description=:)

}}A cyber security firm named Fallible, announced to the media of a McDelivery leak that leaked over 2.2 million customers private information after numerous attempts to urge [[McDonald's]] to patch the issue over the span of 4 weeks. <ref name=":0">{{Cite web |last=Goud |first=Naveen |date=2017-03-20 |title=Cyber Attack on McDonald’s app leaks info of 2.2 million users |url=https://www.cybersecurity-insiders.com/cyber-attack-on-mcdonalds-app-leaks-info-of-2-2-million-users/ |url-status=live |access-date=2026-02-13 |website=Cybersecurity Insiders}}</ref> The company issue an statement and a patch, however it was not implemented correctly and would be fixed at a later date.

}}A cyber security firm named Fallible, announced to the media of a McDelivery leak that leaked over 2.2 million customers private information after numerous attempts to urge [[McDonald's]] to patch the issue over the span of 4 weeks. <ref name=":0">{{Cite web |last=Goud |first=Naveen |date=2017-03-20 |title=Cyber Attack on McDonald’s app leaks info of 2.2 million users |url=https://www.cybersecurity-insiders.com/cyber-attack-on-mcdonalds-app-leaks-info-of-2-2-million-users/ |url-status=live |access-date=2026-02-13 |website=Cybersecurity Insiders |archive-url=http://web.archive.org/web/20250616142010/https://www.cybersecurity-insiders.com/cyber-attack-on-mcdonalds-app-leaks-info-of-2-2-million-users/ |archive-date=16 Jun 2025}}</ref> The company issue an statement and a patch, however it was not implemented correctly and would be fixed at a later date.

==The Hack==

On February 7, 2017, Fallible first notified McDonald's of a security vulnerability with McDelivery service, receiving acknowledgement from the McDelivery IT Manager on February 13, however no further response were made from McDonald's, resulting in Fallible announcing the leak to the public on March 18. <ref>{{Cite web |date=2017-03-17 |title=McDonalds India is leaking 2.2 million users data |url=https://hackernoon.com/mcdonalds-india-is-leaking-2-2-million-users-data-d5758b2eb3f8 |url-status=live |access-date=2026-02-05 |website=Hackernoon}}</ref> It was reported that 2.2 million customers were affected, <ref name=":0" /> <ref name=":1">{{Cite web |last=Arghire |first=Ionut |date=2017-03-20 |title=McDonald’s App Leaks Details of 2.2 Million Customers |url=https://www.securityweek.com/mcdonalds-app-leaks-details-22-million-customers/ |url-status=live |access-date=2026-02-13 |website=Security Week}}</ref> leaking customers info that included phone numbers, addresses, names, email IDs and home address.<ref name=":1" />

On February 7, 2017, Fallible first notified McDonald's of a security vulnerability with McDelivery service, receiving acknowledgement from the McDelivery IT Manager on February 13, however no further response were made from McDonald's, resulting in Fallible announcing the leak to the public on March 18. <ref>{{Cite web |date=2017-03-17 |title=McDonalds India is leaking 2.2 million users data |url=https://hackernoon.com/mcdonalds-india-is-leaking-2-2-million-users-data-d5758b2eb3f8 |url-status=live |access-date=2026-02-05 |website=Hackernoon |archive-url=http://web.archive.org/web/20250821162041/https://hackernoon.com/mcdonalds-india-is-leaking-2-2-million-users-data-d5758b2eb3f8 |archive-date=21 Aug 2025}}</ref> It was reported that 2.2 million customers were affected, <ref name=":0" /> <ref name=":1">{{Cite web |last=Arghire |first=Ionut |date=2017-03-20 |title=McDonald’s App Leaks Details of 2.2 Million Customers |url=https://www.securityweek.com/mcdonalds-app-leaks-details-22-million-customers/ |url-status=live |access-date=2026-02-13 |website=Security Week |archive-url=http://web.archive.org/web/20251206202836/https://www.securityweek.com/mcdonalds-app-leaks-details-22-million-customers/ |archive-date=6 Dec 2025}}</ref> leaking customers info that included phone numbers, addresses, names, email IDs and home address.<ref name=":1" />

[[File:2017 McDonalds India Leak Screenshot.png|alt=2017 McDonald's India Personal leaked Info Showcase|thumb|Personal leaked Info Showcase]]

[[File:McDonald's India Official Statement on Facebook.png|alt=McDonald's India Official Statement on Facebook|thumb|Official Statement on Facebook]]

@@ Line 8: / Line 8: @@
 |Type=Privacy, Security
 |Description=:)
-}}A cyber security firm named Fallible, announced to the media of a McDelivery leak that leaked over 2.2 million customers private information after numerous attempts to urge [[McDonald's]] to patch the issue over the span of 4 weeks. <ref name=":0">{{Cite web |last=Goud |first=Naveen |date=2017-03-20 |title=Cyber Attack on McDonald’s app leaks info of 2.2 million users |url=https://www.cybersecurity-insiders.com/cyber-attack-on-mcdonalds-app-leaks-info-of-2-2-million-users/ |url-status=live |access-date=2026-02-13 |website=Cybersecurity Insiders}}</ref> The company issue an statement and a patch, however it was not implemented correctly and would be fixed at a later date.
+}}A cyber security firm named Fallible, announced to the media of a McDelivery leak that leaked over 2.2 million customers private information after numerous attempts to urge [[McDonald's]] to patch the issue over the span of 4 weeks. <ref name=":0">{{Cite web |last=Goud |first=Naveen |date=2017-03-20 |title=Cyber Attack on McDonald’s app leaks info of 2.2 million users |url=https://www.cybersecurity-insiders.com/cyber-attack-on-mcdonalds-app-leaks-info-of-2-2-million-users/ |url-status=live |access-date=2026-02-13 |website=Cybersecurity Insiders |archive-url=http://web.archive.org/web/20250616142010/https://www.cybersecurity-insiders.com/cyber-attack-on-mcdonalds-app-leaks-info-of-2-2-million-users/ |archive-date=16 Jun 2025}}</ref> The company issue an statement and a patch, however it was not implemented correctly and would be fixed at a later date.
 ==The Hack==
-On February 7, 2017,  Fallible first notified McDonald's of a security vulnerability with McDelivery service, receiving acknowledgement from the McDelivery IT Manager on February 13, however no further response were made from McDonald's, resulting in Fallible announcing the leak to the public on March 18. <ref>{{Cite web |date=2017-03-17 |title=McDonalds India is leaking 2.2 million users data |url=https://hackernoon.com/mcdonalds-india-is-leaking-2-2-million-users-data-d5758b2eb3f8 |url-status=live |access-date=2026-02-05 |website=Hackernoon}}</ref> It was reported that 2.2 million customers were affected, <ref name=":0" /> <ref name=":1">{{Cite web |last=Arghire |first=Ionut |date=2017-03-20 |title=McDonald’s App Leaks Details of 2.2 Million Customers |url=https://www.securityweek.com/mcdonalds-app-leaks-details-22-million-customers/ |url-status=live |access-date=2026-02-13 |website=Security Week}}</ref> leaking customers info that included phone numbers, addresses, names, email IDs and home address.<ref name=":1" />
+On February 7, 2017,  Fallible first notified McDonald's of a security vulnerability with McDelivery service, receiving acknowledgement from the McDelivery IT Manager on February 13, however no further response were made from McDonald's, resulting in Fallible announcing the leak to the public on March 18. <ref>{{Cite web |date=2017-03-17 |title=McDonalds India is leaking 2.2 million users data |url=https://hackernoon.com/mcdonalds-india-is-leaking-2-2-million-users-data-d5758b2eb3f8 |url-status=live |access-date=2026-02-05 |website=Hackernoon |archive-url=http://web.archive.org/web/20250821162041/https://hackernoon.com/mcdonalds-india-is-leaking-2-2-million-users-data-d5758b2eb3f8 |archive-date=21 Aug 2025}}</ref> It was reported that 2.2 million customers were affected, <ref name=":0" /> <ref name=":1">{{Cite web |last=Arghire |first=Ionut |date=2017-03-20 |title=McDonald’s App Leaks Details of 2.2 Million Customers |url=https://www.securityweek.com/mcdonalds-app-leaks-details-22-million-customers/ |url-status=live |access-date=2026-02-13 |website=Security Week |archive-url=http://web.archive.org/web/20251206202836/https://www.securityweek.com/mcdonalds-app-leaks-details-22-million-customers/ |archive-date=6 Dec 2025}}</ref> leaking customers info that included phone numbers, addresses, names, email IDs and home address.<ref name=":1" />
 [[File:2017 McDonalds India Leak Screenshot.png|alt=2017 McDonald's India Personal leaked Info Showcase|thumb|Personal leaked Info Showcase]]
 [[File:McDonald's India Official Statement on Facebook.png|alt=McDonald's India Official Statement on Facebook|thumb|Official Statement on Facebook]]