Talion is a finalist for Best SIEM Solution
Talion is a finalist for Best SIEM Solution
Talion is a finalist for Best SIEM Solution
Remember when 300 UK restaurants shut down for a day in January 2023?
Yum Brands, known as the parent brand of KFC and Pizza Hut, were struck with a ransomware attack earlier this year.
Customer and employee data was presumably safe, but there’s now been an update…
Amidst a ransomware attack that infected the business’ IT systems, Yum Brands released a statement back on January 18th on their website – only the beginning of their journey to mitigate the risk from the attack.
They announced the detection of the incident and that response protocols were in place, from shutting down systems to implementing enhanced monitoring technology, and an investigation was launched in correspondence with forensic professionals and the Federal law enforcement.
The Yum Brands statement explained: “Less than 300 restaurants in the United Kingdom were closed for one day, but all stores are now operational. The Company is actively engaged in fully restoring affected systems, which is expected to be largely complete in the coming days. Although data was taken from the Company’s network and an investigation is ongoing, at this stage, there is no evidence that customer databases were stolen.”
They have, so far, been correct, and customer data has been safe from preying eyes.
Employee data, however, is a different story.
Recent news has shown that the ransomware attack on Yum Brands isn’t over – not because they are still an active target, but because they are still dealing with the consequences.
A filing with the Maine Attorney General’s Office revealed that personal employee information was also compromised during the attack, from ID card details to driver’s license numbers. As a result, Yum Brands have sent notification letters to all those affected to warn them of their leaked data.
As of yet, there has been no evidence of identity theft or fraud – an immediate consequence to be aware of when PII is in the hands of anyone other than the individual themselves – but that doesn’t mean the data is void. Typically cyber criminals use it for blackmail purposes, phishing emails or even to trade on underground hacker portals. It’s hard to know how much data they have and what it’s being used for, and that’s what makes it a dangerous situation to deal with.
As an outsider, it’s easy to see a ransomware attack like Yum Brands and assume the company has recovered immediately, as soon as they’re wiped off the news stories. However, as we’ve seen with this ransomware attack in particular, but also the leaked LockBit chats from the Royal Mail attack, updates are often released months after the event. It’s difficult to retrieve accurate details of data misuse by cyber criminals – at least not straight away – and so these investigations take time.
Companies need to be aware that recovering from ransomware isn’t as easy as merely stopping the attack; the incident response processes and financial/reputational damages are just as significant.
At Talion, we encourage organisations to join the #RansomAware movement and speak out about their experiences with warding off ransomware. If we can pool intelligence and spread the word, more organisations will be aware of ransomware’s detrimental consequences and we can stop cyber shaming once and for all.
Download our 8 ransomware mitigation tactics and make an immediate change to fight ransomware.
For a tailored discussion on mitigating your organisational risk, book a consultation with us.
Call us directly and we’ll put you in touch with the most relevant cyber expert.
Not currently free to call? Give us a brief description of what you’re looking for by filling out our form and we’ll email you as soon as we can.
