McDonald's
McDonald's
| Basic information | |
|---|---|
| Founded | 1940-05-15 |
| Legal Structure | Public |
| Industry | Food |
| Also known as | |
| Official website | https://corporate.mcdonalds.com/corpmcd/home.html |
Founded in May 15, 1940 by Richard and Maurie McDonald, McDonald's Corporation is an American fast food restaurant chain with a net worth of $230.52 billion and owning 36,500 stores across 100 countries.[1] Besides food services, McDonald's offers other services and product with their own AI assistant named Olivia, bug bounty hunter program (only in India), McDelivery, and the McDonald's App.
McDonald's is part of several organizations and partnerships, like the National Restaurant Association, International Franchise Association and google cloud partnership.
Consumer-impact summary
- Privacy Concerns
- Security Vulnerabilities
- Holding security risks from public
Incidents
| Controversy | Year | Background Info | Aftermath |
|---|---|---|---|
| McDonald's Japan Malware Attack | 2006 | https://www.spamfighter.com/News-6650-McDonalds-Unwittingly-Distributes-Contaminated-Prizes.htm
https://techcrunch.com/2006/10/16/mcdonalds-mp3-players-come-with-malware/ | |
| 2010 | https://thehackernews.com/2010/12/hackers-steal-mcdonalds-customer-data.html | ||
| McDonald's Driving Intercom Hack | 2016 | [2][3] | |
| McDonald's Inida Leak | 2017 | Delete column and create incident of this, to long. | https://hackernoon.com/mcdonalds-india-is-leaking-2-2-million-users-data-d5758b2eb3f8 |
| McDonald's South Korea and Taiwan Hack | 2021 | McDonald's was hacked in Taiwan, US (though very minimal impact) and South Korea that included customers emails, phone numbers, and delivery addresses. Details for this lawsuits remain limited, however the company did report of it not being ransomware and collaborating with authorities on the issue. [4][5][6] | The hacker's have not been caught, as this is still an ongoing issue. |
| McDonald's fined for storing customer's data | 2023 | Hackers access personal data of 4.87 million customers due to McDonald's containing backup files of customers and not removing files after data retention period expired. [7][8] | McDonald's was fined 696 million wan ($532,110 ) |
| McDonald's India McDelivery Security Vulnerability | 2024 | Going by an alias Eaton, discovered an vulnerability that leaked costumers names, email addresses, phone numbers. vehicle numbers, profile pictures, and allowed tracking real-time location of their deliveries.[9][10] | McDonald's Fixed the issue on August 23. On November 13, through their bounty program, sent Eaton an $240 amazon gift-card. |
| ;) | 2025 | NOTE TO SELF: CREATE INCIDENT | https://www.zataz.com/a-hacker-exposes-critical-mcdonalds-flaws-behind-a-simple-nugget-hunt/ |
Lawsuits
| Controversy | Year | Background Info | Aftermath |
|---|---|---|---|
| McDonald's Libre trial | Longest trial in british history | McDonald's was found guilty | |
| McDonald's violation of Illinois data protection law | 2021 | On July 20. Carpenter filled a class action lawsuit against McDonald's for collection of customers voice prints without prior consent. McDonald's attempted to dismiss the claim, arguing any voice data collected didn't meet criteria for an voiceprint because it doesn't identify an individual, however the dismissal was denied. [11][12] | Still in progress |
| McDelivery orders Data Breach in South Korea | 2021 | Customers who placed an McDelivery order in South Korea were affected by an data breach that exposes customers’ addresses, phone numbers, and email addresses. [13] [14] | Case was dropped, both agreed to cover their own cost, however settlement agreements are unknown. |
| 2025 | On December 23, Mcdonalds | https://balleralert.com/profiles/blogs/mcdonalds-sued-over-mcrib-ingredients/ |
See also
References
- ↑ "How Many McDonald's Restaurants Are There in the United States?". Locations Cloud. 2026-01-20. Retrieved 2026-02-05.
{{cite web}}: CS1 maint: url-status (link) - ↑ "McDonald's Drive-Thru Intercom Wireless Frequency System Hacked". Hackread. 2016-12-07. Retrieved 2026-02-02.
{{cite web}}: CS1 maint: url-status (link) - ↑ "North Carolina McDonald's Drive-Thru Intercom Hacked". 93.1 WZAMK. 2016-12-06. Retrieved 2026-02-08.
{{cite web}}: CS1 maint: url-status (link) - ↑ Lyngaas, Sean (2021-06-11). "McDonald's discloses hack of customer data in South Korea and Taiwan". Cyberscoop. Retrieved 2026-02-02.
{{cite web}}: CS1 maint: url-status (link) - ↑ "McDonald's Corp suffers data breach". Security Magazine. 2021-06-14. Retrieved 2026-02-02.
{{cite web}}: CS1 maint: url-status (link) - ↑ Sabet, Keumars (2021-06-14). "Personal data exposed in McDonald's data breach". ITpro. Retrieved 2026-02-01.
{{cite web}}: CS1 maint: url-status (link) - ↑ "McDonald's Korea fined $540k over data breach". QSR Media Asia. 2026-02-05. Retrieved 2026-02-05.
{{cite web}}: CS1 maint: url-status (link) - ↑ "McDonald's Korea fined 696 million won for breach of customers' personal data". Korea JoonAng Daily. 2023-05-22. Retrieved 2026-02-05.
{{cite web}}: CS1 maint: url-status (link) - ↑ "I'm Lovin' It: Exploiting McDonald's APIs to hijack deliveries and order food for a penny". EatonWorks. 2024-12-19. Retrieved 2026-02-08.
{{cite web}}: CS1 maint: url-status (link) - ↑ McKinney, Derek (2024-12-23). "McDonalds delivery customers put at risk by possible data breach". derektmckinney. Retrieved 2026-02-08.
{{cite web}}: CS1 maint: url-status (link) - ↑ Blakey, John (2021-05-28). "Carpenter v. McDonald's Corporation (1:21-cv-02906)". Court Listener. Retrieved 2026-02-05.
{{cite web}}: CS1 maint: url-status (link) - ↑ "McDonald's seeks ban to forbid confidential consumer information disclosure in voice data lawsuit". PogowasRight. 2023-03-23. Retrieved 2026-02-05.
{{cite web}}: CS1 maint: url-status (link) - ↑ Edwards, Jessy (2021-10-07). "McDelivery Customers Serve McDonald's Class Action Lawsuit After Data Breach". Top Class Action. Retrieved 2026-02-05.
{{cite web}}: CS1 maint: url-status (link) - ↑ Shaak, Erin (2021-10-07). "McDonald's Hit with Class Action Over April 2021 Data Breach [DISMISSED]". ClassAction. Retrieved 2026-02-05.
{{cite web}}: CS1 maint: url-status (link)