McDonald’s has disclosed a data breach after hackers stole personal data belonging to customers and employees from the US, South Korea, and Taiwan. The fast-food chain is currently notifying affected customers and relevant authorities in all impacted markets. The number of customer documents exposed in the incident was small, and the breach did not impact customers’ payment info in any way. In 2017, the company was forced to fix a cross-site scripting (XSS) vulnerability affecting its official website and exposing customers’ plain text passwords.
Source: https://www.bleepingcomputer.com/news/security/mcdonalds-discloses-data-breach-after-theft-of-customer-employee-info/