McDonald's India App 'leaks' customer data for more than 2.2 million users

McDonald's India App 'leaks' customer data for more than 2.2 million users

McDonald's India App 'leaks' customer data for more than 2.2 million users

A poorly configured server gave anyone access to the names, emails, home addresses and phone numbers of users, said Fallible.

McDonald reacted with, "Our site and application don't store any delicate monetary information of clients like Credit card subtle elements, wallet passwords or financial balance data".

McDonald's India said it had fixed the app and urged users to install the updated version.

McDonald's further wrote, "The website and app have always been safe to use, and we update security measure on a regular basis".

In an update to the report on hackernoon, Fallible has reported that McDonalds replied to them that the issue had been fixed; but they said, "he McDonald's fix is incomplete and the endpoint is still leaking data".

Update: McDonald's India commented on the issue with the following statement advising customers to update their app.

Premier Oil PLC (PMO) Receives GBX 89.50 Consensus Target Price from Analysts
In other news, insider Lucinda Riches acquired 5,000 shares of the business's stock in a transaction on Tuesday, December 20th. The shares were acquired at an average cost of GBX 917 ($11.21) per share, for a total transaction of £44,263.59 ($54,118.58).

The report blames an unprotected publicly accessible API endpoint that can be coupled with a series of numbers that act as customer IDs that can be used to obtain access to all users' personal information.

A post on independent blog post hackernoon claimed that McDonald's India is leaking data of 2.2 million users.

McDonald's operations in India are split into two entities - McDonald's India (West & South) and McDonald's India (North & East), and the McDelivery app and website are owned and operated by the former entity.

Popular fast food restaurant chain McDonalds or McD as we say is under the radar for data leaks in India.

It claimed to have uncovered "more than 50" instances of data leaks at Indian firms. If such an option is not present, it would help to contact McDonald's India to take suggestions on the next course of action. "We have communicated this again to them and are waiting for their response".

India often suffers from poor data protection and privacy laws, meaning online sites, apps and services are often much more poorly protected than in the UK.

Recommended News

  • Spike Lee sticks up for Colin Kaepernick: Teams shunning QB is BS

    Spike Lee sticks up for Colin Kaepernick: Teams shunning QB is BS

    The Mercury News also reported Kaepernick is spending the offseason training in NY and continuing to engage in social activism. After the season-long protest, the quarterback announced he would stand during the national anthem in the upcoming season.
    Federal Bureau of Investigation  and National Football League  security locate Tom Brady's Super Bowl LI jersey

    Federal Bureau of Investigation and National Football League security locate Tom Brady's Super Bowl LI jersey

    The report says Brady's Super Bowl XLIX jersey from two years ago was taken by the same person who took the Super Bowl LI jersey. Six weeks also passed since Brady's Super Bowl jersey was stolen by someone in the Patriots locker room.
    FIFA suspends Malian Football Federation for Government interference

    FIFA suspends Malian Football Federation for Government interference

    I and art. 19 of the FIFA Statutes to manage its affairs independently and with no influence from third parties. It also means that none of the federation's members can benefit from the development programs of FIFA or CAF.
  • RIP Bernie Wrightson, co-creator of Swamp Thing

    RIP Bernie Wrightson, co-creator of Swamp Thing

    Additionally, if you've seen the fantastic 1981 animated film Heavy Metal, then you might remember the "Captain Sternn" segment. He left DC three years later to start a career in horror art, becoming known for his vivid takes on scenes from tales by H.P.
    Sony launches new Xperia L1

    Sony launches new Xperia L1

    Since the handset doesn't really have any strong USP, the Xperia L1 will only be sold in select regions such as the Middle East. There's a 13-megapixel camera on the rear, 5-megapixel snapper on the front and it has Bluetooth 4.2 and NFC connectivity.
    Ranbir and Mahira spotted together and we can't keep calm

    Ranbir and Mahira spotted together and we can't keep calm

    The Global Teacher Prize ceremony organised by the Varkey Foundation was attended by many celebrities. It appears like Mahira is pleading to Ranbir as well as the Kapoor lad appears besotted.
  • 'No evidence of collusion' between Trump campaign, Russian Federation

    So I think it will be good to highlight that. "If he didn't do it, (Trump) shouldn't be reckless in accusations that he did". Some observers believe Trump is eroding credibility that he will need to rally Americans in a moment of national crisis.

    Allegedly detained at JFK: Former GPD Chief Aden

    He also added that the experience left him feeling vulnerable and concerned about the future of the country. He had a 25-year tenure with the force in Alexandria, Virginia where he was deputy police chief.
    Brazilian Butt Lift Surgery Causes a Woman's Death

    Brazilian Butt Lift Surgery Causes a Woman's Death

    The procedure involved sucking out the fat from the other regions of the body and injecting it back into the buttock section. Only back then, the name of the center was "Encore Plastic Surgery" and it was under the ownership of a different person.
  • Marsh, Handscomb stifle India's advantage with gritty batting

    Rahul and Vijay constructed a 91-run opening partnership before Pat Cummins unsettled Rahul into gloving a catch to wicketkeeper Wade.
    Trump did not refuse to shake Merkel's hand

    Trump did not refuse to shake Merkel's hand

    In his statement at the start, Trump praised Germany's apprenticeship program that trains people to join the industrial workforce. The most awkward moments involved Mr Trump's repeated claims that he was spied on as a candidate by the Obama administration.
    UK House Prices Rise In March: Rightmove

    UK House Prices Rise In March: Rightmove

    But the March 2017 monthly rise has only been exceeded once at this time of year since 2007. The 1.3 per cent average asking price rise in the past four weeks is equivalent to £3,877.

We are pleased to provide this opportunity to share information, experiences and observations about what's in the news.
Some of the comments may be reprinted elsewhere in the site or in the newspaper.
Thank you for taking the time to offer your thoughts.