McDonald's Canada reveals hack of careers website
Those affected had applied online for a job between March 2014 and March 2017
The personal information of about 95,000 online job applicants was compromised in a recent cyberattack on a McDonald's Canada careers website, the restaurant chain said Friday.
The company said people affected are those who applied online for a job between March 2014 and March 2017.
- Air Miles investigating after finding thieves stole miles from members
- Loblaw resets passwords after security breach of its loyalty program
McDonald's said the compromised personal information included names, addresses, email addresses, phone numbers, employment backgrounds and "other standard application information."
"Importantly, our application forms do not request highly sensitive personal information such as social insurance numbers, banking information or health information," the company said.
"At this time, we have no information that the information taken has been misused," the company said. "We apologize to those impacted by this incident."
Company spokesperson Adam Grachnik said in email to CBC News that it appears the breach occurred in mid-March.
"McDonald's Canada monitors its databases for any unauthorized access," he said. "This monitoring identified unauthorized access to the database."
The company said the website was shut down immediately after it learned of the breach. The site will remain down until an investigation is complete and steps are taken to ensure a breach does not happen again, the company said.
Affected job applicants will be notified by a letter in the mail, McDonald's said, adding that if a mailing address wasn't provided on the application the notification will come by email or telephone.
In the wake of the breach, the company is advising people interested in applying for a job to do so in person at any of its outlets.