It seems that the last few months have been filled with major cyberattacks, particularly those taking advantage of major businesses that might not initially be considered targets for these kinds of acts. For instance, McDonald’s Restaurants was recently breached. Let’s examine the situation, and how it plays into the recent trends we’ve witnessed.
What Happened in this Breach?
McDonald’s Corp recently announced that some of their data had been stolen by hackers, after systems in South Korea, Taiwan, and the United States were breached. According to the company, they had identified unauthorized activity through their internal security, managing to cut it off a week after its discovery. With the assistance of hired consultants, it was discovered that some of the company’s data had been exfiltrated.
McDonald’s informed their employees in the United States that the breach had involved contact information for franchisees and employees, in addition to some infrastructural data about its locations. Fortunately, it seems that no sensitive data regarding any employees was breached, with no customer data absconded with. However, the restaurant chain has advised its franchises and employees to keep an eye out for any potential phishing emails they could receive.
In its Asian markets, customer emails, phone numbers, and delivery addresses were stolen. Regulators were quickly informed, with the company also reaching out to employees in South Africa and Russia to follow up on possible breaches there.
Cybercrime Targeting Businesses Has Been Prevalent
While this breach didn’t involve the use of ransomware, it is still difficult not to group it amongst other attacks we’ve seen recently. In addition to the frequent attacks we’ve seen over the past few years against the healthcare industry and local government bodies, the past few months have given us two major ransomware attacks—one against a global meat distributor, the other against a major pipeline in the United States. Volkswagen has also had its data lifted from a third-party vendor, putting data regarding prospective buyers and existing customers in the wild.
Clearly, No Business is Safe… So What Can Be Done?
With the way that ransomware has developed (focusing on stealing its targets’ data before encrypting it, so that they can sell it after the fact) along with other varieties of cyberattacks, businesses are only under increased threats… and because many such infections are spread through means like phishing, protecting your business will require you to do a bit more than keeping an antivirus up to date (which you should do regardless, of course).
Instead, your team members need to be able to not only spot potential phishing threats as they come in, they need to know how to handle them appropriately. This will require ongoing employee education and training as the threats facing businesses continue to develop, in addition to diligent monitoring of your IT solutions. Simply IT can help with all this, and more.
Reach out to us at (484) 221-6199 to learn more.