You probably have a different definition of malicious than most of us.
What you're thinking is, "Did he do this to break things at McDonald's or actively hurt them in some way?"
But if he's hitting an internal API and creating a bunch of fake orders for the purpose of gathering data, that's malicious, whether or not it breaks anything on McDonald's side.
When will this guy realize that the only acceptable pastime for hackers, post-2020, is having long discussions that involve the word "policy" many times?
It is all hipsters now; hackers having fun not for profit r long gone in another era. Lets see how fast this kid gets himself behind bars for trying to outwit a corporation. I agree that he overdid it but he might only see his wrongdoing in hindsight. I'm glad my comment picked up some steam; we are too locked in chains behind rules nowadays, kids can't have a little fun anymore. He can be a valuable asset to any company than falling in the hands of real criminals behind bars
What you're thinking is, "Did he do this to break things at McDonald's or actively hurt them in some way?"
But if he's hitting an internal API and creating a bunch of fake orders for the purpose of gathering data, that's malicious, whether or not it breaks anything on McDonald's side.