KFC and Pizza Hut’s Parent Company Reveals Data Breach Following Ransomware Attack
- Written by Ari Denial Cybersecurity & Tech Writer
Yum! Brands, the parent company of popular fast food chains KFC, Taco Bell and Pizza Hut has provided details regarding a ransomware attack that took place on January 2023.
With the support of approximately 36,000 employees worldwide, Yum! Brands and its subsidiaries manage over 55,000 restaurants in 155 countries and territories.
The company has confirmed that personal information of the affected individuals, including their names, driver’s license numbers, and other ID card numbers, was compromised in the attack. As a result, Yum! Brands is sending out data breach notification letters to inform the impacted parties about the incident.
According to the latest updates from the investigation, Yum! Brands has found no indications of the stolen data being used for identity theft or fraud. However, as a precautionary measure, the company was compelled to close down approximately 300 restaurants in the UK.
The annual report filed by Yum! Brands with the U.S. Securities and Exchange Commission (SEC) has revealed that the company was a victim of a ransomware attack in 2022. The attack resulted in the temporary disruption of certain IT systems within the organization.
As a consequence, around 300 restaurants in one market were closed for a day, and data was taken from the network during the incident.
Yum! Brands has stated that it may incur expenses related to the ransomware attack, including costs associated with responding to, remediating, and investigating the incident. The disclosure was made in a statement issued by the company in response to the attack.
In a filing made with the U.S. Securities and Exchange Commission (SEC) in January, Yum! Brands expressed confidence that the ransomware attack would not result in any significant financial impact on the company.
The statement indicated that the incident had caused only temporary disruptions, and Yum! Brands did not anticipate any material adverse effects on its business, operations, or financial results.
The report stated that while the ransomware attack caused temporary disruptions, the company does not expect the incident to materially affect its business, operations, or financial results. Additionally, the company has not reported any restaurant disruptions beyond the affected market.
MSI Acknowledges Breach as Money Message Ransomware Group Takes Credit for Cyberattack
- Written by Ari Denial Cybersecurity & Tech Writer
MSI (Micro-Star International Co. Ltd.), a Taiwanese PC manufacturer, has confirmed that it was targeted in a cyberattack by a ransomware. The attack was carried out by the Money Message ransomware group, which claimed to have breached some of MSI’s systems.
As per the group’s claims, they have already stolen files, and if MSI refuses to pay the ransom of $4 million, the group plans to leak the data online next week.
In a press release , MSI disclosed that it was a victim of a “cyberattack,” but the statement was not specific about the type of attack or the identity of the suspected perpetrator.
MSI reported that its information department acted swiftly upon discovering network anomalies and triggered appropriate defense mechanisms to mitigate the attack. The department also executed recovery procedures to restore systems to their normal state.
Additionally, MSI notified government law enforcement agencies and cybersecurity units about the incident to investigate the attack and prevent similar incidents in the future.
As per the discussions between the MSI representative and the ransomware gang, the attackers asked for a ransom amount of $4,000,000.
The group justified the demand by stating that they had accessed and exfiltrated approximately 1.5 terabytes of documents from MSI’s network, which they could leak online.
The Money Message ransomware group has given an ultimatum to MSI, warning the company to fulfill its ransom demands; otherwise, the group will release the stolen files online.
The threat actors behind the MSI ransomware attack have included the company’s name on their data leak website. As of now, the group has shared some screenshots, which they claim are from MSI’s Enterprise Resource Planning (ERP) databases.
They have also published files that include software BIOS firmware, source code and private keys. However, the group has not released the complete data set yet.
