McDonalds customers may face something a lot nastier than greasy food, with the company warning that a hacker has gathered thousands of customer details.
The data was gathered through various customer promotions and includes users’ age, contact information such as addresses and mobile phone numbers and general preference information.
“McDonald’s does not collect sensitive financial information, such as Social Security Numbers or credit card numbers on-line or through email,” the company promises.
McDonalds blames the breach on one of its partners.
“McDonald’s asked Arc Worldwide, a long-time business partner, to develop and coordinate the distribution of promotional emails. Arc hired an email service provider, a standard business practice, to supervise and manage the email database,” says the company in an email to customers.
“That email service provider has advised that its computer systems recently were accessed by an unauthorized third party, and that information, including information that you provided to McDonald’s, may have been accessed by that unauthorized third party.”
The company says it’s notified law enforcement officials and that the incident is being investigated.
Custmers have been warned that the information gathered could be used to perpetrate phishing attacks.
“In the event that you are contacted by someone claiming to be from McDonald’s asking for personal or financial information, do not respond and instead immediately contact us at the number below so we can contact the authorities,” it says.