Restaurant Brands International (RBI), the parent company of Burger King, Tim Hortons, and Popeyes, has come under scrutiny after two ethical hackers uncovered major cybersecurity flaws across its digital systems. The researchers, known by their handles BobDaHacker and BobTheShoplifter, revealed how weak security practices left RBI’s global operations, spanning more than 30,000 outlets, dangerously exposed. Their findings, once detailed in a blog that has since been archived, highlight critical oversights in RBI’s approach to data security.
Among the most concerning discoveries was a password hard-coded into the HTML of an equipment ordering site, a lapse that would typically raise alarms in even the most basic security audits. In another instance, the hackers found that the drive-through tablet system used the password “admin,” a default credential considered one of the most insecure in the industry. Such weak safeguards left RBI vulnerable to unauthorized access, calling into question the company’s investment in even the most fundamental cybersecurity measures.
The hackers went further, demonstrating access to employee accounts, internal configurations, and raw audio files from drive-through conversations. These recordings, sometimes containing fragments of personal information, were later processed by artificial intelligence to evaluate customer interactions and staff performance. While the hackers emphasized that they did not retain or misuse any data, their ability to reach such sensitive systems underscores the po
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: