McDonald’s Canada has reported that its careers website has been hacked, compromising the personal information of around 95,000 online job applicants.
The information includes the names, addresses, email addresses, phone numbers, and employment backgrounds of candidates who applied online for a job at McDonald’s Canada between March 2014 and March 2017.
McDonald’s shut down the website after it learned of the attack, and the company confirmed that it will remain closed until the investigation is complete.
McDonald’s says it doesn’t currently believe that the compromised information has been “misused.” It also confirmed that personal data only extends to what the company asks for in job applications, which does not include sensitive information such as social insurance numbers, bank details, or health information.
The company announced the breach soon after discovering it – reportedly in mid-March – and has taken steps to contact everybody whose information was compromised. Contact has primarily been made by mail, but applicants who didn’t provide a postal address have been contacted by email or telephone. A help line has also been set up to answer any questions that people have about the breach.
This incident follows an alleged hacking of McDonald’s Twitter account last month. The aberrant tweet, which was briefly pinned to the top of the company’s feed, featured a vulgar insult directed at President Donald Trump.
These attacks are only the latest in a line of recent cyber attacks on fast food companies. In February, Arby’s was hit with a point-of-sale malware attack, which compromised around 335,000 payment cards. Similar attacks have taken place against Wendy’s, in which hackers stole customers’ credit and debit card information at 1,025 of its US restaurants, and at Nashville-based restaurant chain Shoney’s.
Subscribe to our Daily Sentinel for all the latest cybersecurity news and advice.