One of the service providers McDonald hired in its Costa Rica branch left its client data exposed which resulted in a data breach incident.
The hackers accessed client names, marital status, address, email, document identification numbers, and phone numbers from an unprotected database.
McDonald’s has informed the local legal authorities and started the investigation.
Source: https://techdator.net/mcdonalds-costa-rica-data-breach/
TPRM report: https://scoringcyber.rankiteo.com/company/mcdonald's-corporation
"id": "mcd0718522",
"linkid": "mcdonald's-corporation",
"type": "Breach",
"date": "04/2022",
"severity": "80",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Fast Food',
'location': 'Costa Rica',
'name': "McDonald's",
'type': 'Corporation'}],
'attack_vector': 'Unprotected Database',
'data_breach': {'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personal Information',
'Contact Information']},
'description': "A service provider hired by McDonald's Costa Rica branch left "
'client data exposed, resulting in a data breach incident. '
'Hackers accessed client names, marital status, address, '
'email, document identification numbers, and phone numbers '
'from an unprotected database.',
'impact': {'data_compromised': ['Client names',
'Marital status',
'Address',
'Email',
'Document identification numbers',
'Phone numbers'],
'identity_theft_risk': 'High'},
'initial_access_broker': {'entry_point': 'Unprotected Database'},
'investigation_status': 'Ongoing',
'post_incident_analysis': {'root_causes': 'Unprotected Database'},
'response': {'law_enforcement_notified': 'Yes'},
'title': "Data Breach at McDonald's Costa Rica Branch",
'type': 'Data Breach',
'vulnerability_exploited': 'Unprotected Database'}