Firms find their e-mail databases hacked, while Chipotle claims Facebook account was compromised.
In the past two days McDonald's and Walgreens have reported independent security breaches relating to their e-mail marketing data. Elsewhere, Chipotle Mexican Grill claims a hacker was responsible for controversial messages posted to its Facebook page last week.
McDonald's issued a statement Monday explaining that an e-mail service provider retained by its agency Arc Worldwide had its systems compromised by an unauthorized third party, potentially exposing customers' e-mail information, names, addresses, phone numbers, birth dates, and genders.
Walgreens, meanwhile, said hackers gained access to a list of customers' e-mail addresses, and may have sent spam encouraging them to input personal data into a false website. In an e-mail to customers, the company said prescription information and other personally identifiable data were not leaked, as that information is stored in a separate database. "We want to assure you that the only information that was obtained was your email address," the message stated. A spokesperson for the company declined to disclose further details pending "investigation by the relevant authorities."
McDonald's would not reveal which e-mail database provider was responsible for its breach, but it said the data in question was collected during online promotions across a range of sites, including McDonalds.com, 365Black.com, McDonalds.ca, mcdonaldsmom.com, mcdlive.com, monopoly.com, playatmcd.com, and meencanta.com.
"The incident has resulted in an investigation by law enforcement authorities. Arc and McDonald’s are cooperating with the appropriate authorities as we work to protect our valued customers. We have attempted to notify all of our active subscribers, who voluntarily provided information in connection with the websites and promotions involved in this incident," the company said in a statement. It too has sent communications to the customers it believes may be affected by the breach.
Elsewhere, Chipotle Mexican Grill yesterday claimed one of its employees had her Facebook account hacked following a controversial post that appeared on the restaurant's page on the social media site last week. A post from the employee's account read, "Soo I just ran over a white cat on my way home…oops!!! Not my fault!"
The post was removed, and the company issued a statement on its Facebook page yesterday reading, "The statement about the cat is completely false. Someone hacked into our employee’s account and posted that update without her knowledge. We at Chipotle respect all animals and would not joke about something like that. We are working with local authorities and hope for a quick resolution. We also ask that you be respectful as this is a difficult situation for our employee. We appreciate your patience."
However, discussion surrounding the post continues to dominate the brand's wall and discussion forums on the site, clearly demonstrating the risks associated with brands engaging in open social media forums.
What's New for 2015?
You spoke, we listened! ClickZ Live New York (Mar 30-Apr 1) is back with a brand new streamlined agenda. Don't miss the latest digital marketing tips, tricks and tools that will make you re-think your strategy and revolutionize your marketing campaigns. Super Saver Rates are available now. Register today!
Jack Marshall was a staff writer and stats editor for ClickZ News from 2007 until August 2011.
Singapore, 3-4 November
Hong Kong, 8-9 December
Hong Kong, 8-9 December
Google My Business Listings Demystified
To help brands control how they appear online, Google has developed a new offering: Google My Business Locations. This whitepaper helps marketers understand how to use this powerful new tool.
5 Ways to Personalize Beyond the Subject Line
82 percent of shoppers say they would buy more items from a brand if the emails they sent were more personalized. This white paper offer five tactics that will personalize your email beyond the subject line and drive real business growth.