McDonald's database hacked, user email addresses, birthday info stolen

McDonald's database hacked, user email addresses, birthday info stolen
McDonald's has confirmed today that hackers broke into a database containing email addresses and birthdays for consumers who have signed up for McDonald's promotions.

The fast food chain made it clear that no sensitive information, like credit card numbers, Social Security numbers or physical addresses were compromised.



"The incident has resulted in an investigation by law enforcement authorities. Arc and McDonald's are cooperating with the appropriate authorities," says spokeswoman Danya Proud. "We are also working with Arc and their database management firm to understand how the security was bypassed."

Arc refers to long-time McDonald's business partner Arc Worldwide, an email database management firm.

It is unclear how many consumers are affected.

Written by: Andre Yoskowitz @ 14 Dec 2010 0:56
Tags
McDonalds hacked
Advertisement - News comments available below the ad
  • 16 comments
  • ROMaster2

    Well maybe these people will have to get healthier foods now.

    14.12.2010 01:20 #1

  • stuntman_

    lol why would someone steal this information? It must have been burger king!




    14.12.2010 01:22 #2

  • Tristan_2

    I highly doubt to believe a Hacker did this, Your Typical Hacker wouldn't do this

    14.12.2010 01:35 #3

  • stuntman_

    thats what I think! burger king hired a hacker to send spam mail promoting the whopper!




    14.12.2010 03:26 #4

  • KillerBug

    Probably some kid just trying to prove that he could do it.

    14.12.2010 04:55 #5

  • Zealousi

    just remember huge email lists are worth a lot on the black market.

    14.12.2010 08:27 #6

  • dEwMe

    OMG...They stole my birthday!!!

    Yeah even the b-days are worth something correlated with the emails...Information is money for these marketing types and like anything else some don't care how they get it.

    You prob shouldn't be handing your email to any of these companies if you are concerned about SPAM and etc anyway...

    Just my $0.02,

    dEwMe

    14.12.2010 08:38 #7

  • Blessedon

    The only reason ANY company offers promotions is to get your information.
    Arc sold it to make a buck by telling the rogue third party how to hack it.

    14.12.2010 09:58 #8

  • Tristan_2

    Originally posted by Blessedon: The only reason ANY company offers promotions is to get your information.
    Arc sold it to make a buck by telling the rogue third party how to hack it.
    That could very well be possible a scheme when it came to Mcdonalds Monopoly did happen on the inside once

    14.12.2010 10:42 #9

  • plazma247

    HAHA, i think Arc probably already sold it and when they worked out the spammers they sold it to looked like they were going to do something or had done something silly and they get found out .....

    (how did they know my birthday as well... ?)

    ... they hit a pre-emptive strike and say we got hacked.

    Why didnt they notify the customers directly they had lost their details, how do the customers know if they have been effected.

    What would be intresting is if some got a target spam from this database that could be identified and it pre-dates them saying it was hacked...

    14.12.2010 11:26 #10

  • jam_k

    Originally posted by plazma247:
    Why didnt they notify the customers directly they had lost their details, how do the customers know if they have been effected.
    They did:

    Dear Valued McDonald's Customer,
    Our records indicate you previously elected to submit information to McDonald's in connection with one of our websites or promotions. We wanted to let you know there is a possibility that the limited information you provided to McDonald's through its websites or promotions was improperly accessed by an unauthorized third party.
    By way of background, McDonald's asked Arc Worldwide, a long-time business partner, to develop and coordinate the distribution of promotional emails. Arc hired an email service provider, a standard business practice, to supervise and manage the email database. That email service provider has advised that its computer systems recently were accessed by an unauthorized third party, and that information, including information that you provided to McDonald's, may have been accessed by that unauthorized third party. Law enforcement officials have been notified and are investigating this incident.
    McDonald's does not collect sensitive financial information, such as Social Security Numbers or credit card numbers, online or through email. As such, the information improperly accessed did not include this type of information. Rather, the limited information you provided to McDonald's included information required to confirm your age, a method to contact you (such as name, mobile phone number, and postal address and/or email address), and other general preference information. In the event that you are contacted by someone claiming to be from McDonald's asking for personal or financial information, do not respond and instead immediately contact us at the number below so we can contact the authorities. Please remember, McDonald's would not ask for that type of information online or through email.
    We apologize for any concern this incident may cause. Protecting our valued customers is very important to us. If you have any questions or concerns, rather than replying to this email, please contact us immediately at our toll-free number 1-800-244-6227. For additional information please visit our website at www.mcdonalds.com/notice.
    Sincerely,
    McDonald's Customer Satisfaction Team

    14.12.2010 14:42 #11

  • lissenup2

    This was done so the hacker could pass on a Happy F'ing Birthday to everyone.

    What's wrong with that? I think it's kinda nice. ;)

    14.12.2010 14:45 #12

  • plazma247

    Originally posted by jam_k: Originally posted by plazma247:
    Why didnt they notify the customers directly they had lost their details, how do the customers know if they have been effected.
    They did:

    Ahh well at least they notified the people, however when:

    age, name, mobile phone number, postal address and email have all been breached, they say ....

    Social Security Numbers or credit card are not collected... i should hope not.

    BUT, when you have someones age/address/dob your only a couple of bin dives and a utility bill or two away from something just as bad.

    ! SHAME SHAME SHAME ON YOU ARC !

    14.12.2010 16:41 #13

  • mike.m

    They should have stolen the recipe to find out what REALLY is in their hamburgers. Thank goodness I don't eat that crap anyways.

    15.12.2010 14:30 #14

  • bobiroc

    Oh Crap they figured out the password to the database was McMuffin.

    AMD Phenom II 965 @ 3.6Ghz, 8GB DDR3, ATI Radeon 5770HD, 300GB 10,000RPM Raptor, 2TB Additional HDD, Windows 7 Ultimate.

    15.12.2010 18:32 #15

  • leemoo

    Maybe it was the Hamburlgar

    16.12.2010 10:20 #16

© 2024 AfterDawn Oy

Hosted by
Powered by UpCloud