Want to keep the TNW Conference vibe going?? Tickets for TNW2022 are available now >>

The heart of tech

This article was published on December 13, 2016

    KFC loyalty program hack proves it’s better at protecting recipes than passwords

    KFC loyalty program hack proves it’s better at protecting recipes than passwords
    Josh Levenson
    Story by

    Josh Levenson

    Reporter

    Josh Levenson is an avid technology enthusiast who writes news and the occasional how-to article. He's also a self-proclaimed sneakerhead an Josh Levenson is an avid technology enthusiast who writes news and the occasional how-to article. He's also a self-proclaimed sneakerhead and has been an Apple fan for as long as he can remember.

    KFC sent an email to all 1.2 million members of its Colonel’s Club loyalty program in the UK on Monday, instructing them to change their passwords after it discovered its website had been targetted and several user accounts potentially compromised.

    It’s unclear what information the hackers managed to get their hands on, but seeing as KFC is encouraging users to change their passwords to other services too, we’re guessing that it was probably a list of email addresses and passwords.

    Fortunately, the firm doesn’t store billing details as part of its rewards scheme, so no financial data was acquired. Nevertheless, it’s still pretty disappointing and, as a Colonel’s Club user myself, frustrating to have to change my password.

    At least KFC has recognized the risk of being hacked is rising and has “introduced additional security measures” to stop this kind of thing happening again,” but to be brutally honest, it should never have happened in the first place.

    If a company is recording our personal information in a database for whatever reason, they have a responsibility to protect it no matter the cost — and KFC has clearly failed to do so.

    We don’t know how the hacker gained access to the system, but if KFC put the same effort into securing its databases as it does into protecting its legendary recipe, all of our passwords would be safe right now.