Finger lickin’ good data…
A cyber zinger has hit KFC, with hackers attacking the fried chicken giant.
1.2 million members of its Colonel’s Club loyalty system in the UK were alerted to the intrusion, with KFC telling members via email of the attack. Members were advised to change their passwords, with members also advised to change passwords on other sites if the same ones were used.
KFC said in its email to loyalty members:
“Our monitoring systems have found a small number of Colonel’s Club accounts may have been compromised as a result of our website being targeted. Whilst its unlikely you have been impacted, we advise that you change your password as a precaution.”
The nature of the attack has not yet been disclosed by the company, with no specifics about what, if any, data has been stolen in the attack. However, with members instructed to change their passwords, it could be speculated that password data was a part of the cache compromised in the attack.
While the fast food giant has remained tight-lipped on the specific of the hack, the fast food giant has been praised for its handling of the incident. Ilia Kolochenko of web security firm High-Tech Bridge called KFC’s response ‘mature’ and ‘professional’, while also saying that KFC could serve as a model for breached companies in the future.
“It’s too early to make final conclusions until KFC releases an official statement about the incident. However, we can already say that KFC’s approach to incident handling is mature and professional. Not only they managed to detect the incident in time, evaluate the scope of the breach, but also to notify the affected customers in a direct and transparent manner.
“In the light of recent mega-breaches, when tens of millions of customers were informed about tremendous data leaks months after they had actually occurred, KFC serves a good example of incident management and response.”