McDonald's: Global outage was caused by "configuration change"
McDonald's has blamed a third-party service provider's configuration change, not a cyberattack, for the global outage that forced many of its fast-food restaurants to close. [...]
Outages can disrupt security tools and critical services, showing how failures in infrastructure, vendors, or recovery plans affect cyber resilience.
Search across headline titles and summaries.
Background for this topic.
Outage is a period when a system, network, application, or online service is unavailable or cannot perform its intended function. It may be planned maintenance or an unplanned disruption caused by equipment or software failure, misconfiguration, a dependency problem, natural hazards, or a denial-of-service attack. The tag generally concerns availability incidents, not every performance issue or security breach.
For security practitioners, an outage requires determining whether malicious activity contributed to the disruption while preserving relevant logs, network telemetry, and system state for investigation. Defenses include capacity planning, segmented and redundant architecture, tested failover and recovery procedures, and controls that limit the effect of DDoS traffic or compromised dependencies. Emergency changes made during recovery should be authorized and recorded, since they can create new vulnerabilities or affect data integrity. Clear incident ownership and communications help coordinate technical response without obscuring the cause or scope.
McDonald's has blamed a third-party service provider's configuration change, not a cyberattack, for the global outage that forced many of its fast-food restaurants to close. [...]
Vulnerability data has stopped being added to the most widely used software vulnerability database for over a month, putting organizations at risk – and nobody knows why
McDonald's restaurants are suffering global IT outages that prevent employees from taking orders and accepting payments, causing some stores to close for the day. [...]
The vast healthcare ecosystem disruption caused by the recent attack on Change Healthcare, which affected more than 100 of the company's IT products and services, underscores the concentrated cyber risk when a major vendor suffers a serious cyber incident, said Keith Fricke, partner at tw-Security.
Targeting recovery this week, officials still trying to 'dentify the nature of the incident' Leicester City Council says IT systems and a number of its critical service phone lines will remain down until later this week at the earliest following a "cyber incident".…
CISA has not confirmed which two systems it took offline or what kind of data was accessed.