DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

McDonald’s hat trick of the week: three cases involving insider breaches make the media

Posted on November 19, 2011 by Dissent

It looks like McDonald’s made a media hat trick this week in terms of dishonest employees and card fraud or ID theft. First, employees in Illinois and  Washington were caught skimming customers’ debit and credit cards, and now Dave Gibson reports on a case from Georgia:

On Wednesday, Eva Ramos, 36, a former McDonald’s restaurant manager, was sentenced in U.S. District Court to 32 months in federal prison for her role in an ID theft scheme.

Ramos pleaded guilty to selling the identities of U.S. citizens to illegal aliens employed in McDonald’s restaurants throughout the Savannah area.

Read more on Examiner.com.

Skimming customers’ cards? Selling and using others’ identities to work at McDonald’s? What’s going on here?

I’m sure McDonald’s has many honest employees, but that’s at least the sixth report of employee-related fraud involving McDonald’s this year.  In addition to the three incidents mentioned above, another young employee was accused of skimming hundreds of customers’ cards at a drive-thru window in Monticello, Minnesota this summer. After that breach, a corporate spokesperson said:

Nothing is more important to us than the security of our customers. This is an isolated incident which we take very seriously. Please be assured that this is not reflective of the values of our employees.

But how isolated is it, really, when at about the same time, hundreds of other customers had their cards skimmed at a drive-thru window at Norfolk (Virginia) Naval Station? Or you find an elaborate credit card fraud ring operating out of Mandeville, Lousiana that also obtained customer’s card numbers at the drive-thru window? Or you have two new reports within this past week alone after another drive-thru window skimming report from Michigan last month?

McDonald’s has a lot of stores – many more than Burger King.  By chance, then, one would expect more incidents at McD’s than Burger King, but when you do not see any reports of insider breaches involving Burger King, and six involving McDonald’s insiders, well…. you do the math.

The hospitality sector continues to be the single biggest sector for breaches relating to card fraud or misuse, with some studies suggesting they compromise 23 – 40% of all card-related breaches. McDonald’s is clearly not the only fast-food operation experiencing breaches involving customer card data.  A chain of 23 Burger King franchises owned by Liberty Restaurant Group and six stores owned by EDN in Georgia had multiple stores compromised in what appears to be  POS-related compromises. In contrast, I’ve seen no reports of POS hacks involving McDonald’s databases containing credit or debit card info.  So if they are getting security right on their electronic databases, why so many incidents of  young employees skimming cards at drive-thru windows? They need to get employee security right, too.

I asked McDonald’s for a statement about the reports of insider breaches, and they sent this statement:

Rest assured we take matters re: safety and security extremely seriously.

We have cooperated fully with the authorities in their investigation of these crimes.

McDonald’s and our franchisees will not tolerate this type of behavior.”

Well, okay. But what is McDonald’s doing or going to do differently to prevent these employee-related breaches?

[Small update/correction to add Michigan breach]

Category: Breach IncidentsBusiness SectorID TheftInsiderOf NoteU.S.

Post navigation

← PA: In the aftermath of a flood, a discarded computer leads to a breach notice
Laptop stolen from Morris Heights Health Center contained middle school students' health info →

1 thought on “McDonald’s hat trick of the week: three cases involving insider breaches make the media”

  1. garykva says:
    November 22, 2011 at 6:27 am

    People just have to be aware. IF I use a CC at a drive thru establishment, I watch them. The McDonalds near me has the CC POS swipe device in plain view of the customer. That kind of deters the ability to hide around a corner and do thier magic.

    Lets say that some of these people don’t use thinking as their primary mode of living. If they do the math, and read the news of any type, they should notice that this type of activity ISNT hard to detect and figure out. If they are getting 15-30 bucks a card, they mind as well give up those many days in jail and payback in restitution. They are just asking to be thrown in the slammer.

    Social profiling exists. I wonder if McDonalds even runs a security check on these people, or better yet inquires through the freedom of information act, the addressses of the employees to see if there is a pattern of involvement with the authorities.

    Again, as long as the press isn’t too overly negative, and the fines (if any) aren’t too steep, thus not effecting their bottom line (Profit$), its a shrug and move on to depositing their corporate heaps of cash.

    Employee awareness and the ability to report such activity without retaliation in the consumer world should be accepted, and praised. Someone catches a person skimming? Hire them as an assistant manager and fire the current manager and assistant managers.

    Or better yet, offer a ATM checkout device at the 1st drive up window. You swipe your own card, and limit the CC handling. Or, people can take security seriously and GO INTO the establishment and use the card or pay for items with cold hard cash.

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Comstar LLC agrees to corrective action plan and fine to settle HHS OCR charges
  • Australian ransomware victims now must tell the government if they pay up
  • U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams
  • Victoria’s Secret takes down website after security incident
  • U.S. Government Employee Arrested for Attempting to Provide Classified Information to Foreign Government
  • St. Cloud Provides Update on Ransomware Attack in 2024
  • Bradford Health Systems detected abnormal network activity in December 2023. They first sent out breach notices this week.
  • Websites selling hacking tools to cybercriminals seized
  • ConnectWise suspects cyberattack affecting some ScreenConnect customers was state-sponsored
  • Possible ransomware attack disrupts Maine and New Hampshire Covenant Health locations

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Why AI May Be Listening In on Your Next Doctor’s Appointment
  • Watch out for activist judges trying to deprive us of our rights to safe reproductive healthcare
  • Nebraska Bans Minor Social Media Accounts Without Parental Consent
  • Trump Taps Palantir to Compile Data on Americans
  • The US Is Storing Migrant Children’s DNA in a Criminal Database
  • Home Pregnancy Test Company Wins Dismissal of Pixel Wiretapping Suit
  • The CCPA emerges as a new legal battleground for web tracking litigation

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.