Hackers have breached a database containing the personal information of thousands of McDonald's customers.
The Oak Brook-based company said Monday that a third party was able to get past security measures and into a database of its customer information, including e-mail, phone numbers, addresses and birthdates.
Customers provided the information when signing up for online promotions or other subscriptions to its websites. The database did not include any financial information or Social Security numbers, the company said.
McDonald's did not detail the timing or scope of the breach but said it is working with law enforcement.
The fast-food chain said its business partner, Arc Worldwide, retained an e-mail database management firm whose computer systems were improperly accessed. McDonald's said it is working with the two firms to understand how security was bypassed.
Arc did not immediately respond to a call for comment.
McDonald's said it has attempted to notify all its subscribers of the incident. The company is asking any consumers who are contacted by someone claiming to be from McDonald's and seeking personal or financial information not to respond but instead to contact the company immediately so it can alert authorities.
Customers who have questions or concerns can contact the company 1-800-244-6227, the company said in a statement on its website.