Cybersecurity firm Fallible on Saturday revealed that McDonald’s India app McDelivery has reportedly leaked the personal information of its customers for an unspecified duration of time. According to the reports, the app leaked information like name, email address, phone number, home address, accurate home coordinates, and social profile links of more than 2.2 million customers.
The McDonald’s India app, McDelivery is leaking personal data for more than 2.2 million of its users which includes name, email address, phone number, home address, accurate home co-ordinates and social profile links
An unprotected publicly accessible API endpoint for getting user details coupled with serially enumerable integers as customer IDs can be used to obtain access to all users personal information.
McDonald’s says app, website don’t store financial data.