Everest Ransomware Claims McDonalds India Breach Involving Customer Data

The notorious Everest ransomware group is claiming to have breached McDonald’s India, the Indian subsidiary of the American fast-food giant. The claim was published on the group’s official dark web leak site earlier today, January 20, 2026, stating that they exfiltrated a massive 861 GB of customer data and internal company documents.

As reviewed by Hackread.com, the group also published internal screenshots to support the authenticity of its claims. A closer look at these screenshots reveals financial reports from 2023 to 2026, audit trails, cost tracking sheets, ERP migration files, pricing data, and other sensitive internal communications.

Several directories are labeled with month-by-month breakdowns, indicating what appears to be structured access to accounting or enterprise resource planning systems. One directory titled “Investor Info” suggests that the breach may also include confidential board-level material.

More notably, one spreadsheet labeled “Contact Database” contains detailed information on investors and business ...