Yum Brands, the parent company of popular fast-food chains KFC, Pizza Hut, and Taco Bell, has disclosed a data breach after a ransomware attack on its systems. The company, which operates more than 50,000 restaurants in over 150 countries, said the breach occurred in late May 2021 and was discovered during an investigation into the ransomware attack. The attackers were able to access certain information, including the payment card information of some customers who made purchases at certain KFC, Pizza Hut, and Taco Bell locations in the US. The information stolen included card numbers, expiration dates, and CVV codes.
Yum Brands said it has notified affected customers and is offering them free credit monitoring and identity protection services. The company also said it has taken steps to enhance its security measures and is working with law enforcement and third-party cybersecurity experts to investigate the breach.