TGI Fridays Australia restaurant chain has disclosed a security breach that occurred due to an unprotected server. This had left sensitive loyalty program data exposed on the internet.
What was leaked?
As per the information shared to Threatpost, the TGI Fridays explained that the publicly exposed data included back up files containing data related to the Australian customer loyalty program. However, no financial information has been leaked in the incident.
The company stressed that the instance of leaky server impacts only TGI Fridays Australia and does not affect the restaurant chain located in the USA or any other global markets.
What actions have been taken?
Following the incident, the restaurant chain has asked its customers to change their MyFridays membership rewards program passwords. It has also asked its customers to be cautious while opening emails from unsolicited sources that request personal information or points to websites.
“All MyFridays member passwords are securely hashed, however, we strongly recommend you reset your MyFridays Reward password and consider changing any and number,” said the company, Threatpost reported.
It is unknown how many customers are affected in the incident or what type of data was exposed in the incident.
TGI Fridays Australia is working with a dedicated Australia based cybersecurity firm to assess the exposed data and systems. It has also notified the Office of Australia Information Commissioner about the issue.