Firms find their e-mail databases hacked, while Chipotle claims Facebook account was compromised.
In the past two days McDonald's and Walgreens have reported independent security breaches relating to their e-mail marketing data. Elsewhere, Chipotle Mexican Grill claims a hacker was responsible for controversial messages posted to its Facebook page last week.
McDonald's issued a statement Monday explaining that an e-mail service provider retained by its agency Arc Worldwide had its systems compromised by an unauthorized third party, potentially exposing customers' e-mail information, names, addresses, phone numbers, birth dates, and genders.
Walgreens, meanwhile, said hackers gained access to a list of customers' e-mail addresses, and may have sent spam encouraging them to input personal data into a false website. In an e-mail to customers, the company said prescription information and other personally identifiable data were not leaked, as that information is stored in a separate database. "We want to assure you that the only information that was obtained was your email address," the message stated. A spokesperson for the company declined to disclose further details pending "investigation by the relevant authorities."
McDonald's would not reveal which e-mail database provider was responsible for its breach, but it said the data in question was collected during online promotions across a range of sites, including McDonalds.com, 365Black.com, McDonalds.ca, mcdonaldsmom.com, mcdlive.com, monopoly.com, playatmcd.com, and meencanta.com.
"The incident has resulted in an investigation by law enforcement authorities. Arc and McDonald’s are cooperating with the appropriate authorities as we work to protect our valued customers. We have attempted to notify all of our active subscribers, who voluntarily provided information in connection with the websites and promotions involved in this incident," the company said in a statement. It too has sent communications to the customers it believes may be affected by the breach.
Elsewhere, Chipotle Mexican Grill yesterday claimed one of its employees had her Facebook account hacked following a controversial post that appeared on the restaurant's page on the social media site last week. A post from the employee's account read, "Soo I just ran over a white cat on my way home…oops!!! Not my fault!"
The post was removed, and the company issued a statement on its Facebook page yesterday reading, "The statement about the cat is completely false. Someone hacked into our employee’s account and posted that update without her knowledge. We at Chipotle respect all animals and would not joke about something like that. We are working with local authorities and hope for a quick resolution. We also ask that you be respectful as this is a difficult situation for our employee. We appreciate your patience."
However, discussion surrounding the post continues to dominate the brand's wall and discussion forums on the site, clearly demonstrating the risks associated with brands engaging in open social media forums.
August 10-12: Revolutionize your digital marketing campaigns at ClickZ Live San Francisco! Educating marketers for over 15 years, our action-packed, educationally-focused agenda covers every aspect of digital marketing. Early Bird rates available through Friday, July 17 - save up to $300! Register today.
Jack Marshall was a staff writer and stats editor for ClickZ News from 2007 until August 2011.
US Consumer Device Preference Report
Traditionally desktops have shown to convert better than mobile devices however, 2015 might be a tipping point for mobile conversions! Download this report to find why mobile users are more important then ever.
E-Commerce Customer Lifecycle
Have you ever wondered what factors influence online spending or why shoppers abandon their cart? This data-rich infogram offers actionable insight into creating a more seamless online shopping experience across the multiple devices consumers are using.