
McDonald's India Faces Security Flaw Exposing Customer and Driver Data

McDonald's India faced a security vulnerability in its McDelivery system, which exposed personal data of customers and delivery drivers.

By Mrigank Sharma

McDonald's India’s delivery service, McDelivery, experienced a security vulnerability that allegedly exposed personal data of both customers and delivery drivers. 

The flaw, discovered by security researcher Eaton Zveare from Traceable AI, was in the API used for order placement and tracking. Zveare reported the issue to McDonald’s India in July, and the company addressed the vulnerability by late September. 

The breach specifically affected McDonald's West & South India franchise, which is managed by Hardcastle Restaurants Private Limited (HRPL).

McDonald's India maintains that its internal audits found no breach of customer data, and it gave assurances that it regularly conducts security checks and has strengthened its systems accordingly. Despite this assurance, Zveare's findings highlighted serious concerns.


The vulnerabilities allowed unauthorized access to sensitive information, including names, phone numbers and vehicle details of delivery drivers. They also enabled users to modify order prices, placing orders for as little as INR 1. Furthermore, the flaw allowed for the hijacking of orders by redirecting them to different addresses and real-time tracking of delivery riders’ locations.

In addition to these issues, unauthorized users could access invoices or submit feedback for orders they didn’t make. There was also limited access to internal admin data through the same API weaknesses. 


This incident follows other notable cybersecurity issues in India, including a recent leak of personal data from ride-hailing service Rapido due to a vulnerability in its feedback form.

These incidents highlight growing concerns over cybersecurity practices in India, especially concerning the protection of personal data in the tech and service sectors.
