top of page

Yum! Brands Hit With Ransomware Attack, Incident Reminds Orgs Why Security Basics Are Critical

Yum! Brands, the fast food brand operator of KFC, Pizza Hut, Taco Bell, and The Habit Burger Grill fast-food restaurant chains, has been targeted by a ransomware attack that forced the closure of 300 locations in the United Kingdom. The company operates 53,000 restaurants across 155 countries and territories, with over $5 billion in total assets and $1.3 billion in yearly net profit. Yum! Brands has confirmed that data was stolen in the attack but sees no evidence that customer information has been exposed.

The company promptly initiated response protocols and investigation upon detection of the incident, including deploying containment measures such as taking certain systems offline and implementing enhanced monitoring technology, as well as engaging the services of industry-leading cybersecurity and forensics professionals and notifying federal law enforcement. The impacted restaurants in the UK have returned to normal operations and are not expected to face any other problems relevant to the cyberattack.

Frederik Mennes, OneSpan

Frederik Mennes, Director Product Management & Business Strategy at OneSpan offered his perspective on the incident:

"First the Royal Mail and now Yum Brands, the fact that there have been two high-profile ransomware attacks in the UK already in 2023 shows that ransomware attacks are unfortunately all too common nowadays. The UK is not alone, as the very recent T-Mobile attack in the US and the attacks last year in Australia show. All countries are vulnerable.

As long as companies who fall victim to ransomware attacks actually pay the ransoms, fraudsters will be motivated to conduct more ransomware attacks.

In addition, the availability of ransomware-as-a-service has made it easier for less tech savvy fraudsters to procure ransomware malware rather than developing the malware themselves, which has led to a promulgation of ransomware attacks.

To better protect themselves, organizations should follow these five steps:

  • Perform backups of critical data, and store these backups offline

  • Perform regular security patching and software updates of IT systems

  • Deploy anti-malware software on servers

  • Deploy multi-factor authentication (MFA) for access to IT systems

  • Educate personnel about security practices, like the risks of opening e-mail attachments

Most importantly, we cannot rest on our laurels. These security practices must be continuously innovated so that we stay a step ahead of cyber criminals."



bottom of page