Russia-linked hacker gang claims ransomware attack on McDonald’s as feds issue ‘shields’ for ALL US companies to ‘prepare for disruptive cyber activity’
A Russian-linked ransomware group has claimed a cyberattack on McDonald’s Corporation as federal officials warn of possible widespread attacks on US businesses in the wake of Russia’s unprovoked invasion of Ukraine.
The Snatch hacker gang on Friday said it had stolen 500 gigabytes of data from the Chicago-headquartered fast food giant by posting its undisclosed ransom demand on the dark web.
A spokesperson for McDonald’s did not immediately respond to ‘s request for comment.
This comes as the U.S. Agency for Cybersecurity and Infrastructure Security is issuing a “protection” alert to all U.S. businesses and organizations, urging them to take steps to protect themselves from a potential cyberattack.
The hacker group Snatch posted files on the dark web on Friday claiming to have stolen 500 gigabytes of data from McDonald’s.
“Russia’s unprovoked attack on Ukraine, which was accompanied by cyberattacks on the Ukrainian government and critical infrastructure organizations, could have implications for our own country’s critical infrastructure, a potential we have been warning about for months,” the agency said.
“Every organization, large and small, must be prepared to respond to disruptive cyber activity,” the CISA warned.
“While there are currently no specific or credible cyber threats on U.S. soil, we are mindful of the potential for Russia’s destabilizing actions to affect organizations both in the region and beyond, especially in connection with sanctions imposed by the United States and our allies,” the agency said in a statement.
McDonald’s is an iconic American company headquartered in Chicago.
Experts warn that Russia’s criminal hacker gangs, which often operate with the tacit approval of the government, appear to be supporting Vladimir Putin in his confrontation with the West.
“It’s no surprise that Russian-linked cybercriminals are supporting Russia,” Brett Callow, a threat analyst at Emsisoft, told .
“While some of their threats may be dormant — they likely don’t have the ability to shut down critical infrastructure at will — it’s still a good time for all organizations to make sure their shields are fully up. This is a changing and unpredictable situation,” he added.
An evolving story, to be continued.