Call in the Colonel! Popular fast food chain KFC has warned Colonel's Club loyalty scheme members in the UK that its website has been targeted and multiple accounts may have been compromised. About 1.2 million members of the Colonel's Club, which allows customers to collect Chicken Stamps and "earn their way to free food rewards," recently received an email about the breach.
"Our monitoring systems have found a small number of Colonel's Club accounts may have been compromised as a result of our website being targeted," the email read, ITV News reports. "Whilst it's unlikely you have been impacted, we advise that you change your password as a precaution."
The company also advised members that use the same login credentials across other services should reset those as well.
"As this type of problem is becoming more common online, we've now introduced additional security measures to further safeguard our members' accounts and to stop this kind of thing happening again," the email continued.
The company reportedly claimed that only 30 loyalty members were targeted but they have informed all Colonel's Club members about the data breach. The company did not disclose any specifics about the attack or what other information may have been accessed.
"We take the online security of our fans very seriously, so we've advised all Colonel's Club members to change their passwords as a precaution, despite only a small number of accounts being directly affected," the company said in a statement to Techcrunch. "We don't store credit card details as part of our Colonel's Club rewards scheme, so no financial data was compromised."
CEO and founder of security firm High-Tech Bridge Ilia Kolochenko said that it was difficult to pinpoint the hackers' motives for the attack, adding that multiple retailers and fast food chains are typically targeted during the holiday season.
"It is difficult to say what the attackers were looking for, but quite probably they were targeting many large food chains and retailers before Christmas, selecting the weakest ones as their victims," Kolochenko told IBTimes UK.
"I wonder how many retailers were already breached, but failed to detect the incident and notify their customers. Probably we will discover this in 2017 or even later. Before Christmas holidays, we should all be particularly careful and attentive to cyber attacks, as cybercriminals use the holiday rush for their benefit."