Job-seekers who applied at a McDonald's Canada restaurant between March 2014 and March 2017 were impacted by the breach, which exposed applicants' names, addresses, email addresses, phone numbers and employment backgrounds, as well as what McDonald's described as "other standard application information."
The forms did not ask for any sensitive personal or financial information, added McDonald's, noting that the company is currently unaware of anyone misusing the breached data.
“When we learned of this privacy breach we immediately shut down the site and launched an investigation," reads the company statement. The careers webpage will remain shut down until the investigation is complete and appropriate measures are taken to ensure that this type of security breach does not happen again.”
According to McDonald's, all affected applicants will be notified by mail, email or telephone.