Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
thnThe Hacker NewsTHN:2BDAEB58F8A0E4E2AE4A1117FCD06A5A
HistoryDec 13, 2010 - 9:07 a.m.

Hackers Steal Customer Data from McDonald's Partner Database

2010-12-1309:07:00
The Hacker News
thehackernews.com
4

6.9 Medium

AI Score

Confidence

Low

JSON

McDonald’s is collaborating with law enforcement after malicious hackers infiltrated another company’s database and stole information about an unknown number of the fast-food chain’s customers.

McDonald’s has alerted potentially affected customers via email and through a message on its website.

“We have been informed by one of our long-time business partners, Arc Worldwide, that limited customer information collected in connection with certain McDonald’s websites and promotions was obtained by an unauthorized third party,” a McDonald’s spokeswoman said via email on Saturday.

McDonald’s hired Arc to develop and coordinate the distribution of promotional email messages. Arc, in turn, relied on an unidentified email company to manage the customer information database. This email company’s systems were hacked.

The data, provided voluntarily by customers, does not include Social Security numbers, credit card numbers, or any sensitive financial information, the spokeswoman confirmed.

“Rather, the limited information includes what was required to confirm the customer’s age, methods to contact the customer, and other general preference information,” the spokeswoman added.

This means that customer data likely includes full names, phone numbers, postal addresses, and email addresses. The spokeswoman did not specify what information was required for age confirmation, so it is unclear if customers simply checked a box indicating they were adults or if they had to provide their date of birth.

“In the event that you are contacted by someone claiming to be from McDonald’s asking for personal or financial information, do not respond and instead immediately contact us,” reads McDonald’s note to customers. The number to call is 1-800-244-6227.

In addition to working with law enforcement agencies, McDonald’s is investigating the security breach at the company hired by Arc, which is the marketing services division of ad agency Leo Burnett. Arc specializes in digital communications, direct marketing, promotions, and shopper marketing, according to its website.

The spokeswoman did not specify how many people are potentially affected or in which countries, besides the U.S. She also did not indicate when the breach occurred.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

6.9 Medium

AI Score

Confidence

Low

JSON