Hackers post alleged Burger King and Wendy’s data linked to European franchises

Published: 23 February 2026
BurgerKing France and Wendys
Image by Cybernews

Hackers claim to have compromised data belonging to fast food chains Wendy’s UK and Burger King France, after datasets were advertised on a dark-web forum.

Key takeaways:
  • Hacker claims responsibility for both breaches. Threat actor "Eliasxy" posted data sets allegedly stolen from Burger King France and Wendy UK's operations on a dark web forum.
  • Data appears legitimate but remains unverified. Cybernews researchers found the sampled data (11 lines from Burger King, 5 from Wendy's) appear structurally legitimate and different from earlier breaches.
  • Primary risk is phishing based on the exposed information, as well as impersonation attempts against the affected companies and employees. An exposed Sentry API key in Wendy's data could potentially enable access from additional internal systems.
  • The fast food industry has on going security issues. This incident follows a pattern of security lapses across the sector, including Burger King France's previous credential exposures and McDonald's third party hiring platform using "123456" as a password.
Key Takeaways by nexos.ai, reviewed by Cybernews staff.

The data first appeared on a popular data leak forum that hackers use to exchange often-stolen records. A user operating under the name “Eliasxy” has claimed responsibility for both alleged breaches, posting the listings on a dark web forum on Saturday.

ADVERTISEMENT
jurgita justinasv Izabelė Pukėnaitė vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News
Google News Follow us

Cybernews researchers reviewing the material said the samples circulating online appear structurally legitimate. However, it has not yet been independently verified or acknowledged by the organizations involved

In a post relating to Burger King France, the hacker wrote on the forum: “Today I have uploaded the Burger King France Franchise Enterprise Database for you to download. Thanks for reading and enjoy!”

The hacker dropped an 11-line sample of the data linked to Burger King France, claiming it contained information about:

  • Franchise operations
  • Employee addresses, phone numbers, and contact emails
  • Opening hours
  • Delivery partners
  • Senior staff details
  • Job application information

They further claimed the infrastructure was built by the same developers as the McDonald’s-related platform, but provided no evidence to support this.

BKbreach
A user operating under the name “Eliasxy” has claimed responsibility for both alleged breaches on a dark web forum.

A separate post relating to Wendy’s appeared shortly after, with the actor announcing:

ADVERTISEMENT

“Yooo today we struck again. This time it's Wendy’s and in the database you’ll find plenty of information such as first name, last name, address, email system used, Surface and many other details.”

Eliasxy

Cybernews researchers confirmed that Wendy’s 5 lines of data contain information similar to Burger King’s, but it appears to be a mix of random restaurants, not just Wendy's, making it unclear who the data belongs to.

Wendys
Post on a dark web leaks forum, claiming Wendy's data breach.

For Wendy’s, the threat actor also threw in some additional details relating to a Sentry API key, which Cybernews researchers warned could be used to access more internal data.

Different data same burger branch

Our researchers also confirmed that the material appears different from previously reported exposures involving the Burger King, but noted the sample itself is small and does not indicate how much data may exist beyond what has been shown.

The researchers say that based on what is visible so far, the primary risk would be “targeted phishing or impersonation attempts directed at the affected companies and their employees.”

McDonald's hiring platform data leak
The McDonald's McHire platform leak was another example of a fast food firm experiencing a security lapse.

Burger King France has faced scrutiny in the past over its security practices, including earlier findings involving exposed credentials and configuration weaknesses.

More broadly, the fast food sector has experienced repeated security lapses in recent years, including a case last year in which a McDonald’s third-party hiring platform was found using the weak password “123456.”

ADVERTISEMENT

Last autumn, Malwarebytes published research highlighting administrative level access risks in drive-through tablet systems (in which ‘admin’ was used as the password), which was linked to Restaurant Brands International, the parent company of Burger King and Popeyes.

Wendy’s and Burger King have been approached for comment. At the time of publication, neither company had confirmed a breach.

Unlock exclusive Cybernews content on YouTube.

Share
Post
Share
Share
Share
More from Cybernews
Companies using Fable 5 beware: it’s collecting your data, and there are no exceptions
World’s leading mathematicians ridicule AI hype in high-IQ declaration
Democrats are far more worried than Republicans that AI will take jobs, new poll finds
Europe’s tech revolution feels like Soviet déjà vu
New York demands advertisers use “synthetic performer” label or else
The surprising way Elon Musk is powering your next holiday flight
ADVERTISEMENT
Leave a Reply

Your email address will not be published. Required fields are markedmarked