Techly NewsGet the app

Get the latest tech news

We hacked Burger King: How auth bypass led to drive-thru audio surveillance


Critical authentication bypass vulnerabilities in Restaurant Brands International's assistant platform allowed complete control over 30,000+ Burger King, Tim Hortons, and Popeyes locations worldwide - including access to customer drive-thru audio recordings.

Picture this: Restaurant Brands International (RBI) – the corporate overlords behind Burger King, Tim Hortons, and Popeyes – control over 30,000 locations worldwide. What they also control is something called the "assistant" platform – the digital brain behind every drive-thru screen, bathroom tablet review, and the slightly-too-cheerful burger king employee asking if you want to make it a combo. Raw audio files of real people ordering food, complete with background conversations, car radios, and sometimes personally identifiable information.

Get the Android app

Or read this on Hacker News

Read more on:

Photo of auth bypass

auth bypass

Photo of burger king

burger king

Photo of audio surveillance

audio surveillance

Related news:

News photo

Researcher to release exploit for full auth bypass on FortiWeb

News photo

Unpatched critical bugs in Versa Concerto lead to auth bypass, RCE

News photo

Fortinet warns of auth bypass zero-day exploited to hijack firewalls

« News Weekly: Galaxy S25 FE is here, Google Pixel 10a leaks, Lenovo's new tablet steals the spotlight at IFA, and more
All New Java Language Features Since Java 21 »