The McDonald’s India app, McDelivery is leaking personal data for more than 2.2 million of its users which includes name, email address, phone number, home address, accurate home co-ordinates and social profile links.
Even though McDelivery was made aware of this issue on 7th Feb by Fallible and acknowledged on 13th Feb (33 days ago), the issue still exists and is a serious privacy threat.
Maybe, India needs a stricter data and privacy laws for companies to stop being so casual about these issues.
Imagine this happening in US or China!
Update from McDonalds India
“We would like to inform our users that our website and app does not store any sensitive financial data of the users like credit card details, wallets passwords or bank account information. The website and app has always been safe to use, and we update security measure on regular basis. As a precautionary measure, we would also urge our users to update the McDelivery app on their devices.
At McDonald’s India, we are committed to our users’ data privacy and protection.”