Firms find their e-mail databases hacked, while Chipotle claims Facebook account was compromised.
In the past two days McDonald's and Walgreens have reported independent security breaches relating to their e-mail marketing data. Elsewhere, Chipotle Mexican Grill claims a hacker was responsible for controversial messages posted to its Facebook page last week.
McDonald's issued a statement Monday explaining that an e-mail service provider retained by its agency Arc Worldwide had its systems compromised by an unauthorized third party, potentially exposing customers' e-mail information, names, addresses, phone numbers, birth dates, and genders.
Walgreens, meanwhile, said hackers gained access to a list of customers' e-mail addresses, and may have sent spam encouraging them to input personal data into a false website. In an e-mail to customers, the company said prescription information and other personally identifiable data were not leaked, as that information is stored in a separate database. "We want to assure you that the only information that was obtained was your email address," the message stated. A spokesperson for the company declined to disclose further details pending "investigation by the relevant authorities."
McDonald's would not reveal which e-mail database provider was responsible for its breach, but it said the data in question was collected during online promotions across a range of sites, including McDonalds.com, 365Black.com, McDonalds.ca, mcdonaldsmom.com, mcdlive.com, monopoly.com, playatmcd.com, and meencanta.com.
"The incident has resulted in an investigation by law enforcement authorities. Arc and McDonald’s are cooperating with the appropriate authorities as we work to protect our valued customers. We have attempted to notify all of our active subscribers, who voluntarily provided information in connection with the websites and promotions involved in this incident," the company said in a statement. It too has sent communications to the customers it believes may be affected by the breach.
Elsewhere, Chipotle Mexican Grill yesterday claimed one of its employees had her Facebook account hacked following a controversial post that appeared on the restaurant's page on the social media site last week. A post from the employee's account read, "Soo I just ran over a white cat on my way home…oops!!! Not my fault!"
The post was removed, and the company issued a statement on its Facebook page yesterday reading, "The statement about the cat is completely false. Someone hacked into our employee’s account and posted that update without her knowledge. We at Chipotle respect all animals and would not joke about something like that. We are working with local authorities and hope for a quick resolution. We also ask that you be respectful as this is a difficult situation for our employee. We appreciate your patience."
However, discussion surrounding the post continues to dominate the brand's wall and discussion forums on the site, clearly demonstrating the risks associated with brands engaging in open social media forums.
Learn Digital Marketing Insights From Leading Brands!
ClickZ Live Chicago (Nov 3-6) will deliver over 50 sessions across 10 individual tracks, including Data-Driven Marketing, Social, Mobile, Display, Search and Email. Check out the full agenda, or register and attend one of the best ClickZ events yet!
Jack Marshall was a staff writer and stats editor for ClickZ News from 2007 until August 2011.
Hong Kong, October 21-22
London, November 13-14
San Francisco, November 13-14
London, November 18-19
Google My Business Listings Demystified
To help brands control how they appear online, Google has developed a new offering: Google My Business Locations. This whitepaper helps marketers understand how to use this powerful new tool.
5 Ways to Personalize Beyond the Subject Line
82 percent of shoppers say they would buy more items from a brand if the emails they sent were more personalized. This white paper offer five tactics that will personalize your email beyond the subject line and drive real business growth.