Nando’s has issued a statement addressing news of a “possible breach”. The issue appears to be caused by a cached page that was first shared to Twitter via a URL back in 2014.
As soon as the matter was brought to its attention Nando’s launched an investigation and has confirmed to Hypertext that no user data is at risk.
“Our investigation is looking into how one old page was cached, we have already requested that Google remove any cached pages, and will confirm once we are clear this has taken place,” Nando’s said in a statement.
“Nando’s would like to assure all its Firestarters that their personal details and data is secure, and we will provide ongoing updates as our investigation progresses.”
The original story follows on below.
Nandos has been catching fire for the last few hours after folks started stumbling across data that wasn’t theirs.
The issue stems from the Nandos FireStarters website which contains a survey. The survey asks folks to fill in their full name, email address and cellphone number in order to join the FireStarters community and win prizes.
It’s all very normal stuff until one hears what happened next.
Seemingly out of nowhere a South African Twitter user received a WhatsApp message from an unknown number. The person sending the message stated that the number had been gleaned from the Nando’s FireStarters website.
— Jarn Athern (@JonWithTheFace) July 22, 2019
Worse still another Twitter user found the pages containing data – which are meant to be private – indexed by Google.
This meant that with the right keywords you could find a person’s personal information, neatly collated and linked for you by Google.
That’s going to be a big yikes from us.
To its credit, once the problem had been brought to its attention Nando’s culled the website and it is currently inaccessible.
“We have increased further security measures to prevent possible exposure of personal details and will update our fans on further steps to be taken once our investigation is concluded,” Nando’s South Africa told Business Insider.
The fast food chain said that only two people had been affected by the breach. Despite that the company made the decision to increase its security following recent events.
As of time of writing the Nando’s FireStarters website remains offline but we have been told that the team is working hard to solve the issue.