Contact
Lost Your Appetite? Yum Brands Admits to Compromised PII - Talion

Remember when 300 UK restaurants shut down for a day in January 2023?

Yum Brands, known as the parent brand of KFC and Pizza Hut, were struck with a ransomware attack earlier this year.

Customer and employee data was presumably safe, but there’s now been an update…

 

Let’s Take it Back to January… 300 UK Restaurants Shut

Amidst a ransomware attack that infected the business’ IT systems, Yum Brands released a statement back on January 18th on their website – only the beginning of their journey to mitigate the risk from the attack.

They announced the detection of the incident and that response protocols were in place, from shutting down systems to implementing enhanced monitoring technology, and an investigation was launched in correspondence with forensic professionals and the Federal law enforcement.

The Yum Brands statement explained: “Less than 300 restaurants in the United Kingdom were closed for one day, but all stores are now operational. The Company is actively engaged in fully restoring affected systems, which is expected to be largely complete in the coming days. Although data was taken from the Company’s network and an investigation is ongoing, at this stage, there is no evidence that customer databases were stolen.”

They have, so far, been correct, and customer data has been safe from preying eyes.

Employee data, however, is a different story.

 

Customer Data is Safe – but on the Flip Side?

Recent news has shown that the ransomware attack on Yum Brands isn’t over – not because they are still an active target, but because they are still dealing with the consequences.

A filing with the Maine Attorney General’s Office revealed that personal employee information was also compromised during the attack, from ID card details to driver’s license numbers. As a result, Yum Brands have sent notification letters to all those affected to warn them of their leaked data.

As of yet, there has been no evidence of identity theft or fraud – an immediate consequence to be aware of when PII is in the hands of anyone other than the individual themselves – but that doesn’t mean the data is void. Typically cyber criminals use it for blackmail purposes, phishing emails or even to trade on underground hacker portals. It’s hard to know how much data they have and what it’s being used for, and that’s what makes it a dangerous situation to deal with.

 

Ransomware Repercussions are Never Ending

As an outsider, it’s easy to see a ransomware attack like Yum Brands and assume the company has recovered immediately, as soon as they’re wiped off the news stories. However, as we’ve seen with this ransomware attack in particular, but also the leaked LockBit chats from the Royal Mail attack, updates are often released months after the event. It’s difficult to retrieve accurate details of data misuse by cyber criminals – at least not straight away – and so these investigations take time.

Companies need to be aware that recovering from ransomware isn’t as easy as merely stopping the attack; the incident response processes and financial/reputational damages are just as significant.

At Talion, we encourage organisations to join the #RansomAware movement and speak out about their experiences with warding off ransomware. If we can pool intelligence and spread the word, more organisations will be aware of ransomware’s detrimental consequences and we can stop cyber shaming once and for all.

 

 

Download our 8 ransomware mitigation tactics and make an immediate change to fight ransomware.

For a tailored discussion on mitigating your organisational risk, book a consultation with us.

 
Watch demo video
We’re a tight-knit, highly skilled operation, so when a threat arises, we move quickly.
Talion
Watch demo video
We’re a tight-knit, highly skilled operation, so when a threat arises, we move quickly.
Talion
24x7x365 UK-based Security Operations Centre
Talion
Service underpinned by market leading threat intelligence team
Talion
Continually developed threat relevant content, backed by SLAs
Talion
MDR service has featured in the Gartner Magic Quadrant for 6 consecutive years
Talion
Experts in SIEM and SOAR technology
Talion
UK-based Senior Leadership
Looking to maximise value and flexibility?
Learn how Talion and DEVO partner to achieve this.
Discuss your cyber security needs
Contact us below and one of our team will be in touch to answer your questions.

Call us on 0800 048 5775

Call us directly and we’ll put you in touch with the most relevant cyber expert.

Get In Touch With Us

Not currently free to call? Give us a brief description of what you’re looking for by filling out our form and we’ll email you as soon as we can.

CISO Cyber Dinner – Register Your Interest!

Thought-provoking cyber security discussion at Michelin-star restaurants across the UK.