A threat actor has allegedly breached KFC Venezuela, offering a database containing the personal and order information of over one million customers for sale on a dark web forum.
The data, advertised on October 8, 2025, includes a vast amount of sensitive customer details, posing a significant risk of fraud and identity theft to those affected.
The database is being sold as a single 405 MB CSV file containing exactly 1,067,291 rows of data, indicating a large-scale compromise of the fast-food giant’s Venezuelan operations.
Extent of the Compromised Data
The breach exposes a wide array of personally identifiable information (PII) and transactional data. According to the threat actor’s post, the leaked database includes customers’ full names, phone numbers, email addresses, and complete delivery addresses.
The financial details exposed are also extensive, containing payment methods, exchange rates associated with transactions, and details of ordered items with their corresponding quantities and prices.
This combination of personal and financial information creates a high-risk scenario for targeted phishing campaigns, financial fraud, and other malicious activities directed at the victims.
The data set also contains operational information, such as order creation and update timestamps, sales channels, and internal store details.
The threat actor advertised the sale on a hacking forum, providing a detailed list of the data fields included in the compromised database.
To prove the authenticity of the data, the seller included a sample of the records, showing customer names, contact information, and specific order details.
The post listed numerous data fields, including cliente_fullname, cliente_phone, cliente_email, and cliente_direccion. Also included were order-specific identifiers like orden_id, store information, and aggregator IDs, suggesting a deep compromise of the company’s order management or customer relationship management (CRM) systems.
The actor is inviting interested parties to make contact for pricing, indicating that the data is available for purchase to other malicious actors.
The exposure of such detailed customer information places over one million individuals at immediate risk. Malicious actors can use the leaked data to orchestrate sophisticated scams, using order histories and personal details to make their fraudulent attempts appear legitimate.
Customers of KFC Venezuela are advised to be extremely cautious of unsolicited emails, text messages, or phone calls claiming to be from the company or other service providers.
It is recommended that individuals who may be affected monitor their financial accounts for any suspicious activity. As of now, KFC Venezuela has not issued a public statement regarding the alleged breach.
The incident underscores the critical need for robust cybersecurity measures to protect customer data in an increasingly targeted digital environment.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
