1.2 Million KFC Customers Warned Of Data Breach

Well-known fast food restaurant chain, KFC, has warned all 1.2 million of its loyalty card customers their details may have been breached after their website had been attacked in a cyber hack.

The fast food chain’s Head of IT, Brad Scheiner, issued the warning saying that “only around 30 members were targeted”.

The insinuation from KFC appears to be that, because only a ‘small’ number of members have been targeted, the breach is less serious. But that isn’t always the case, as any data breach can be a breach of data protection rights afforded to us under the Data Protection Act (DPA).

Precautions taken by the fast food chain

As a precautionary measure, KFC has contacted customers that hold a loyalty card for the Colonel’s Club scheme to warn of the breach, advising people to change passwords. For those members who have used the same password across multiple accounts, this could be disastrous as the cyber-hackers could gain access to more information.

What information was breached?

Members may be able to get comfort from the fact that KFC say that no financial information was compromised. Still, personal details such as names, addresses, email addresses and passwords are thought to be part of the personal information that was hacked.

Additional security measures

The email that the fast food chain sent out said the following:

“…our monitoring systems have found a small number of Colonel Club accounts may have been compromised as a result of our website being targeted.”

This should give some assurance that KFC had some systems in place to detect hacking, but the system is arguably not good enough to completely defend against an attack.

As a result of the attack, KFC has introduced “additional security measures to further safeguard [their] members’ accounts”. This is a common thing with companies and organisations that fall victim to cyber-hacks; they fail to have a secure system but then introduce ‘additional measures’ post-breach (after the damage has been done!).

Do more to protect data; or face the consequences

It’s time for companies and organisations, like KFC, to be proactive in their data protection approach. It’s of little use when their members’ personal data has been breached. Although this may be a ‘small breach’ in terms of numbers involved, this should serve as a warning that the volume of the breach could’ve been much greater, with much more devastating consequences.

The fast food chain were lucky to not be subject to a greater hacking e.g. 1.2 million. However, if they continue to be lax in their cybersecurity, this could be something they face in the imminent future.

Start Your Claim

You can call our claims team free from a landline or mobile on 0800 634 7575 or click on the link below to create a call back with one of our expert Data Claims team.

Create A Call Back

Information on how we handle your data is available in our Privacy Policy.

The content of this post/page was considered accurate at the time of the original posting and/or at the time of any posted revision. The content of this page may, therefore, be out of date. The information contained within this page does not constitute legal advice. Any reliance you place on the information contained within this page is done so at your own risk.