Technology News
English Edition
  • Home
  • Internet
  • Internet News
  • McDonald’s India Delivery System Reportedly Exposed Personal Information of Customers Due to API Bug

McDonald’s India Delivery System Reportedly Exposed Personal Information of Customers Due to API Bug

The security flaws were first discovered by security researcher Eaton Zveare.

Written by Akash Dutta, Edited by Siddharth Suvarna | Updated: 19 December 2024 19:51 IST
McDonald’s India Delivery System Reportedly Exposed Personal Information of Customers Due to API Bug

Photo Credit: Reuters

McDonald’s India reportedly claimed that customer data was not breached as a result of the security flaws

Click Here to Add Gadgets360 As A Trusted Source As A Preferred Source On Google
Highlights
  • The bugs were found in the delivery system’s API
  • McDonald’s India West and South divisions were affected by the bugs
  • The vulnerabilities were found in July and were fixed in late September
Advertisement

McDonald's India reportedly left the personal data of its customers and drivers exposed due to a security flaw. As per the report, the vulnerabilities arose due to bugs in the application programming interface (API) of the restaurant franchise's delivery system. The entire McDonald's India West and South divisions were said to be affected by this security flaw that could let anyone access and hijack orders placed on the system. The bugs were reportedly first spotted in July and were fixed by late September.

McDonald's India Reportedly Had a Major Security Flaw

According to a TechCrunch report, the APIs of the delivery system used by the West and South divisions of McDonald's India, owned by Hardcastle Restaurants, were affected by several simple security flaws. These bugs were first discovered by security researcher Eaton Zveare, who revealed the details to the publication.

Due to the vulnerabilities, anyone with knowledge could reportedly access, hijack, redirect, or track orders in real-time. Bad actors could reportedly also place legitimate orders for $0.01 (roughly Rs. 0.85) by manipulating the delivery system's API.

Notably, the delivery system is used for placing orders and tracking. It contains customer names, phone numbers, and addresses, as well as personal information of the delivery personnel such as vehicle numbers, profile pictures, location data, and more.

The open access to the API was reportedly caused as it was not properly monitoring that only the authorised people were placing orders and tracking the information. The vulnerabilities reportedly left the system open for an attack and would even let a potential hacker access invoices and submit feedback for delivered orders.

The security researcher is said to have reported the vulnerabilities to McDonald's India in July, and they were fixed in late September. The restaurant chain told TechCrunch that a thorough verification of the system and log data was conducted and it was determined that no security breach occurred as a result of the API bugs. McDonald's India reportedly also maintained that customer data was not accessed by anyone outside of the organisation.

While the restaurant chain did not reveal the number of customers whose personal information was exposed as a result of the security flaws, the researcher reportedly claimed that hundreds of millions of orders were exposed.

Comments

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Further reading: McDonalds, India, Cybersecurity
Akash Dutta
Akash Dutta
Akash Dutta is a Chief Sub Editor at Gadgets 360. He is particularly interested in the social impact of technological developments and loves reading about emerging fields such as AI, metaverse, and fediverse. In his free time, he can be seen supporting his favourite football club - Chelsea, watching movies and anime, and sharing passionate opinions on food. More
Realme 14 Pro 5G Series Shown Off With Temperature-Sensitive Colour-Changing Rear Panel

Related Stories

McDonald’s India Delivery System Reportedly Exposed Personal Information of Customers Due to API Bug
Comment
Facebook Gadgets360 Twitter Share Tweet Snapchat LinkedIn Reddit Comment google-newsGoogle News

Advertisement

Featured
Follow Us
Latest Videos
More Videos
Tech News in Hindi
More Technology News in Hindi

Advertisement

Popular on Gadgets
Latest Gadgets
Popular Mobile Brands
#Trending Stories
  1. Apple Finally Releases iOS 26.2 Update for iPhone With These Features
  2. OnePlus 15R Confirmed to Come With 32-Megapixel Selfie Camera
  3. Supernatural Thriller Jatadhara Now Streaming on OTT: All the Details
  4. Rocket Lab's "Hungry Hippo" Fairing Gets Flight-Ready for Neutron's 2026 Debut
#Latest Stories
  1. Kepler and TESS Discoveries Help Astronomers Confirm Over 6,000 Exoplanets Orbiting Other Stars
  2. Supernatural Thriller Jatadhara Arrives on OTT: Where to Watch Sonakashi Sinha-Starrer Film Online?
  3. OnePlus 15R Confirmed to Come With 32-Megapixel Selfie Camera, 4K Video Recording Support
  4. Rocket Lab Clears Final Tests for New 'Hungry Hippo' Fairing on Neutron Rocket
  5. Apple Rolls Out iOS 26.2 Update for iPhone With Liquid Glass Customisation, Changes to Apple Music, and More
  6. Aaromaley Now Streaming on JioHotstar: Everything You Need to Know About This Tamil Romantic-Comedy
  7. Astronomers Observe Star’s Wobbling Orbit, Confirming Einstein’s Frame-Dragging
  8. Galaxy Collisions Found to Activate Supermassive Black Holes, Euclid Data Shows
  9. JWST Detects Oldest Supernova Ever Seen, Linked to GRB 250314A
  10. Chandra’s New X-Ray Mapping Exposes the Invisible Engines Powering Galaxy Clusters
Gadgets 360 is available in
Follow Us
Download Our Apps
App Store App Store
Available in Hindi
App Store
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.
Trending Products »
Latest Tech News »