DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

McDonald’s hat trick of the week: three cases involving insider breaches make the media

Posted on November 19, 2011 by Dissent

It looks like McDonald’s made a media hat trick this week in terms of dishonest employees and card fraud or ID theft. First, employees in Illinois and  Washington were caught skimming customers’ debit and credit cards, and now Dave Gibson reports on a case from Georgia:

On Wednesday, Eva Ramos, 36, a former McDonald’s restaurant manager, was sentenced in U.S. District Court to 32 months in federal prison for her role in an ID theft scheme.

Ramos pleaded guilty to selling the identities of U.S. citizens to illegal aliens employed in McDonald’s restaurants throughout the Savannah area.

Read more on Examiner.com.

Skimming customers’ cards? Selling and using others’ identities to work at McDonald’s? What’s going on here?

I’m sure McDonald’s has many honest employees, but that’s at least the sixth report of employee-related fraud involving McDonald’s this year.  In addition to the three incidents mentioned above, another young employee was accused of skimming hundreds of customers’ cards at a drive-thru window in Monticello, Minnesota this summer. After that breach, a corporate spokesperson said:

Nothing is more important to us than the security of our customers. This is an isolated incident which we take very seriously. Please be assured that this is not reflective of the values of our employees.

But how isolated is it, really, when at about the same time, hundreds of other customers had their cards skimmed at a drive-thru window at Norfolk (Virginia) Naval Station? Or you find an elaborate credit card fraud ring operating out of Mandeville, Lousiana that also obtained customer’s card numbers at the drive-thru window? Or you have two new reports within this past week alone after another drive-thru window skimming report from Michigan last month?

McDonald’s has a lot of stores – many more than Burger King.  By chance, then, one would expect more incidents at McD’s than Burger King, but when you do not see any reports of insider breaches involving Burger King, and six involving McDonald’s insiders, well…. you do the math.

The hospitality sector continues to be the single biggest sector for breaches relating to card fraud or misuse, with some studies suggesting they compromise 23 – 40% of all card-related breaches. McDonald’s is clearly not the only fast-food operation experiencing breaches involving customer card data.  A chain of 23 Burger King franchises owned by Liberty Restaurant Group and six stores owned by EDN in Georgia had multiple stores compromised in what appears to be  POS-related compromises. In contrast, I’ve seen no reports of POS hacks involving McDonald’s databases containing credit or debit card info.  So if they are getting security right on their electronic databases, why so many incidents of  young employees skimming cards at drive-thru windows? They need to get employee security right, too.

I asked McDonald’s for a statement about the reports of insider breaches, and they sent this statement:

Rest assured we take matters re: safety and security extremely seriously.

We have cooperated fully with the authorities in their investigation of these crimes.

McDonald’s and our franchisees will not tolerate this type of behavior.”

Well, okay. But what is McDonald’s doing or going to do differently to prevent these employee-related breaches?

[Small update/correction to add Michigan breach]

Category: Breach IncidentsBusiness SectorID TheftInsiderOf NoteU.S.

Post navigation

← PA: In the aftermath of a flood, a discarded computer leads to a breach notice
Laptop stolen from Morris Heights Health Center contained middle school students' health info →

1 thought on “McDonald’s hat trick of the week: three cases involving insider breaches make the media”

  1. garykva says:
    November 22, 2011 at 6:27 am

    People just have to be aware. IF I use a CC at a drive thru establishment, I watch them. The McDonalds near me has the CC POS swipe device in plain view of the customer. That kind of deters the ability to hide around a corner and do thier magic.

    Lets say that some of these people don’t use thinking as their primary mode of living. If they do the math, and read the news of any type, they should notice that this type of activity ISNT hard to detect and figure out. If they are getting 15-30 bucks a card, they mind as well give up those many days in jail and payback in restitution. They are just asking to be thrown in the slammer.

    Social profiling exists. I wonder if McDonalds even runs a security check on these people, or better yet inquires through the freedom of information act, the addressses of the employees to see if there is a pattern of involvement with the authorities.

    Again, as long as the press isn’t too overly negative, and the fines (if any) aren’t too steep, thus not effecting their bottom line (Profit$), its a shrug and move on to depositing their corporate heaps of cash.

    Employee awareness and the ability to report such activity without retaliation in the consumer world should be accepted, and praised. Someone catches a person skimming? Hire them as an assistant manager and fire the current manager and assistant managers.

    Or better yet, offer a ATM checkout device at the 1st drive up window. You swipe your own card, and limit the CC handling. Or, people can take security seriously and GO INTO the establishment and use the card or pay for items with cold hard cash.

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Education giant Pearson hit by cyberattack exposing customer data
  • Star Health hacker claims sending bullets, threats to top executives: Reports
  • Nova Scotia Power hit by cyberattack, critical infrastructure targeted, no outages reported
  • Georgia hospital defeats data-tracking lawsuit
  • 60K BTC Wallets Tied to LockBit Ransomware Gang Leaked
  • UK: Legal Aid Agency hit by cyber security incident
  • Public notice for individuals affected by an information security breach in the Social Services, Health Care and Rescue Services Division of Helsinki
  • PowerSchool paid a hacker’s extortion demand, but now school district clients are being extorted anyway (3)
  • Defending Against UNC3944: Cybercrime Hardening Guidance from the Frontlines
  • Call for Public Input: Essential Cybersecurity Protections for K-12 Schools (2025-26 SY)

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Florida bill requiring encryption backdoors for social media accounts has failed
  • Apple Siri Eavesdropping Payout Deadline Confirmed—How To Make A Claim
  • Privacy matters to Canadians – Privacy Commissioner of Canada marks Privacy Awareness Week with release of latest survey results
  • Missouri Clinic Must Give State AG Minor Trans Care Information
  • Georgia hospital defeats data-tracking lawsuit
  • No Postal Service Data Sharing to Deport Immigrants
  • DOGE aims to pool federal data, putting personal information at risk

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.