Recent cyberattacks have significantly affected the digital operations of several well-known Russian restaurant chains and food service providers, The Moscow Times has reported, citing business daily Vedomosti.
Among the impacted establishments are Vkusno i Tochka – the fast food chain which has taken over since McDonald’s exited the Russian market in 2022 – the coffee chain Cofix and Sushi Master.
Go deeper with GlobalData
The attacks began on Friday, 18 July 2025, targeting networks managed by automation provider iiko and its hosting partner ESTT.
The attackers used distributed denial-of-service (DDoS) techniques, inundating servers with traffic over a five-day period, which led to system overloads and made mobile applications and websites unavailable.
On the first day of the attacks, Vkusno i Tochka informed customers of processing delays, attributing these issues to problems with its hosting provider.
Although services were briefly restored, another major attack occurred the following Monday, 21 July.
US Tariffs are shifting - will you react or anticipate?
Don’t let policy changes catch you off guard. Stay proactive with real-time data and expert analysis.
By GlobalDataIiko, which provides digital infrastructure for restaurants, confirmed that a 12-hour DDoS attack affected its data centres on 18 July, followed by another incident the next day.
Customer data remained secure but the company acknowledges disruptions to internal communications.
One of iiko’s clients, the sushi chain Mnogo Lososya, reported being unable to process kitchen orders for almost three days.
An iiko representative indicated that services had since been restored and that affected clients had received compensation.
Nikita Tsaplin, CEO of Russian cloud provider RUVDS, has stated that as many as 3,500 ESTT clients might have been impacted.
He observed a notable rise in digital attacks in 2025, with incidents increasing by one-third compared to the same timeframe in 2024, and peak attack volumes reaching 1.7 terabits per second.
On 17 July, just before the restaurant chain attacks began, vodka producer Novabev Group, which owns the Beluga and Belenkaya brands, reported experiencing a large-scale DDoS attack that halted shipments for several days.
Digital investigator Igor Bederov has suggested that the attacks could have been carried out by business competitors, noting the financial damage caused by lost revenue, disrupted payment systems and reduced customer loyalty.
