A threat actor claims that data belonging to McDonald’s has been exposed following a security breach at an unnamed third-party partner. In a public message, the actor directly addressed McDonald’s, urging them to compel their partner to respond to emails regarding the incident.
The actor states that the partner’s breach has put a total of 220 million records at risk, including data from McDonald’s and other major corporations. They have threatened to reveal the name of the breached partner soon. The actor clarified that the data is not for sale and that their goal is to establish communication with the responsible partner.
To support their claims, the threat actor posted a screenshot showing a sample of the data. Based on the sample, the allegedly compromised data includes:
- Full names
- Corporate email addresses
- Phone numbers
- Physical addresses
