Posted On April 14, 2023 Consumer Privacy & Data Breaches
April 14 – Yum! Brands, Inc. discovered on April 7, 2023 that it had been the target of a ransomware attack, which resulted in the compromise of data belonging to customers of the company. Yum! Brands promptly notified the Attorney General of Maine of the data breach, and the notice filing took place on April 7. According to the report provided by the corporation, the event led to a third party that was not authorized to have access to the identities of customers as well as other critical information. Yum Brands started sending out data breach notification letters once it was established that customer data had been compromised. These letters were sent to all people whose personal information had been compromised as a result of a recent breach in data security.
Console & Associates, P.C.’s data breach lawyers are now conducting an investigation into the data breach that occurred at Yum! Brands, Inc. We are providing free consultations in which we may explore your legal possibilities for collecting compensation from Yum! Brands. If you have received a breach notice and are interested in learning about the hazards of identity theft and what you can do to protect yourself, please contact us.
The parent firm, Yum! Brands, Inc. and its affiliated companies are in the quick-service restaurant business and operate and franchise outlets in various countries. Taco Bell, Kentucky Fried Chicken, and Pizza Hut are just a few of the well-known names under the company’s umbrella. Yum! Brands, with headquarters in Louisville, Kentucky, manages an international chain of nearly 55,000 restaurants. Yum! Brands began operations in 1997 and has grown to employ over 36,000 people and produce $6.8 billion in yearly sales.
Yum! Brands recently discovered that, on January 13, 2023, an unauthorized entity gained access to the company’s computer system through a ransomware assault, as detailed in a complaint with the Attorney General of Maine. Yum Brands’ reaction was to tighten security throughout its IT infrastructure, alert law authorities, and start working with outside cybersecurity experts to determine what had happened.
According to Yum! Brands’ probe, the ransomware attackers gained access to files holding sensitive information about customers.
Yum! Brands has begun reviewing the affected files to determine what information was stolen and how many customers were affected after the discovery that sensitive customer data was made accessible to an unauthorized person.
Yum! Brands notified all customers whose personal information was affected in the current data security incident on April 6, 2023 through data breach letters.
Ransomware is a kind of malicious software that is installed on a company’s computer network by hackers during a cyberattack. Malicious software like this encrypts files and prevents the organization from accessing its own network. Encryption is the process of encoding data so that only those with the key can read it.
The hackers leave a message demanding payment in exchange for the release of the data, which is where the term “ransom” originates from. The data will be decrypted, and the attack will stop once the ransom is paid.
However, hackers’ threats have become more sinister recently. If a business regularly backs up its data, it has less of a reason to pay the ransom. Therefore, cybercriminals have started using a practice known as “double extortion.” If the firm does not pay, the hackers threaten to publish the encrypted data on the dark web, where they may be used by anybody for fraudulent purposes.
If data protection solutions are kept up-to-date and in good working order, ransomware assaults may be avoided. Hackers hunt for and exploit weaknesses in outdated technologies. With modern tools, businesses can stop assaults before they happen.
The consumer privacy lawyers at Console & Associates, P.C. help customers affected by data and security breaches pursue legal solutions by offering free consultations. By explaining your rights in clear, concise terms, we help you make an informed decision about your next steps. If you are a victim of the Yum! Brands, Inc. data breach, Console & Associates, P.C. will investigate at no charge to you and offer advice on how to proceed. If you decide to pursue a case, rest assured that we don’t get paid unless you do. If your claim is successful, legal fees are either paid out of the funds recovered or by the defendant. If your claim is not successful, you pay nothing.
Below is a portion of the letter sent to affected individuals:
We are writing to provide you with information about a cybersecurity incident involving your personal information that occurred in mid-January 2023. While we have no evidence of identity theft or fraud involving your data, we wanted to share some details and offer you some resources that you may find helpful. Please note the section titled “What You Can Do” below.
What Happened? As we announced publicly in mid-January, Yum! experienced a cybersecurity incident involving unauthorized access to certain of our systems on or around January 13, 2023. Upon discovery, we took steps to lock down impacted systems, notified federal law enforcement authorities, worked with leading digital forensics and restoration teams to investigate and recover from the incident, and deployed enhanced 24/7 detection and monitoring technology. Once the incident was contained, we initiated a detailed review, with the assistance of outside specialists, to identify whether personal information belonging to individuals may have been present in files that were affected during the incident.
What Information is Involved? Our review determined that the exposed files contained some of your personal information, including [Redacted]
What Are We Doing? As noted above, we have no evidence of identity theft or fraud involving your personal information, but we are contacting you out of an abundance of caution to offer support and provide resources.
What You Can Do. As a matter of general precaution, it is always good practice to be vigilant against identity theft and fraud by reviewing your account statements and monitoring any available credit reports for unauthorized or suspicious activity, and by taking care in response to any email, telephone or other contacts that ask for personal or sensitive information (e.g., phishing). Yum! will never request sensitive information by phone or email. You may also review the attached Steps You Can Take to Help Protect Your Information as a helpful resource. We are also providing complimentary credit monitoring and identity protection services for 2 years via IDX. These services include credit monitoring, a $1,000,000 insurance reimbursement policy and full managed identity restoration in the event that you fall victim to identity theft, and dark web monitoring to monitor if your data appears in illicit online forums. To activate these services, you may follow the instructions included in the attached Steps You Can Take to Help Protect Your Information.
For More Information. For further information, please call 888-566-0758 Monday to Friday 9 am – 9 pm Eastern Time.