Cyber Security

McDonald’s app ‘leaks’ info of 2.2 million users

Written by Kamil Arli
According to that McDonald’s online delivery app – millions of users hit by leak.

Fast food fans have been urged to check their security protection after millions of McDonald’s customers had information revealed online.

The company’s mobile app reportedly encountered a major security issue which saw user details including names, emails, phone numbers and addresses all made freely available.

Around 2.2 million users may have been affected by the leak – here’s what you need to know.

mcdonalds india delivery app mobile leakMCDONALD’S

The app allows McDonald’s users to order delivery through their device

SEE ALSO:   As Congress repeals Internet privacy rules, putting your options in perspective
This fix did not solve the over-riding issue, with the affected server still leaking data

The leak was caused by a poorly configured server, according to Fallible, which uncovered the news.

Any simple request sent to the server caused it to malfunction and grant access to the private data stored on the servers.

However Fallible claims that this fix did not solve the over-riding issue, with the affected server still leaking data.

For now, the fault appears localised to users in India, where McDonalds has millions of regular customers.

McDonalds India says it has fixed the issue

McDonalds India says it has fixed the issue, and is telling users to upgrade their app now.

SEE ALSO:   'Error 53' bug continues to haunt Apple in the worst way

Anyone who thinks they may have been affected should also look to change their password now to stop anyone else gaining access.

It added that no financial or private information, such as passwords, bank account details or credit card numbers was ever at risk.

The company told the Times of India, “The website and app have always been safe to use and we update security measures on a regular basis.”

India often suffers from poor data protection and privacy laws, meaning online sites, apps and services are often much more poorly protected than in the UK.

“We are pleasantly surprised when we find Indian companies without a personal or payment data leak vulnerability,” it said.

SEE ALSO:   Congress votes to repeal internet privacy rules today – here’s how to stop them

The latest security worry to affect major fast food apps

The news is the latest security worry to affect major fast food apps in recent months.

Last December, KFC suffered a major breach to its Colonel’s Club app, with as many as 1.2 million UK users potentially having their accounts compromised.

Users were waned to change their passwords immediately to stop outside sources accessing their account.

Recent research from Norton by Symantec showed that that one in four Brits was affected by an online attack during the past year, with millennials and frequent travellers particularly popular targets.

Overall, cybercrime cost UK consumers £1.8 billion, showing the huge potential risk to users across the country.

About the author


Kamil Arli

Editor of Digital Media Consultant

Leave a Comment