The information includes candidates’ names, email addresses, home addresses, employment backgrounds and phone numbers. The hacking affects job applicants who applied online for jobs at McDonald’s Canada between March 2014 and March 2017.
After McDonald’s found out about the attack, they shut down the careers website. An investigation has been launched and the site will remain closed until the investigation has been completed.
McDonald’s released a statement saying the job site doesn’t collect health information or any kind of banking information. The statement went onto say that they have no information that the info stolen has been misused. The company issued an apology to anybody who was affected by the incident.
The company said it would notify impacted applicants via mail or through other contact information, such as phone or email, if the applicant didn’t provide a mailing address on the application form.
A spokesman for McDonald’s Canada said the company monitors its databases for unauthorized access. He said this is what led them to identifying unauthorized access to the job applicant database.
Since the breach was discovered, McDonald’s Canada has urged people to apply for a job in person, which they can do at one of their outlets.