Personal data of thousands of Polish employees of McDonald’s restaurant chain have been leaked online.

According to Niebezpiecznik, the leak was attributed to 24/7 Communication, the agency responsible for handling digital graphics for the employees of the popular fast food chain. The leak occurs as a result of files being placed in a publicly available, rather than a restricted folder. As a result, data of McDonald’s restaurant employees from the last five years was available to the public in the period from January 2019 to July 2020.

The data affected by the leak are: surnames and first names along with information related to employment, as well as PESEL or passport numbers.

McDonald’s behavior was exemplary as an informational bulletin was sent to all employees as well as in the Fakt daily newspaper. Additionally, a hotline for victims and interested persons was set up.
The leaked data can be used for authorization purposes for selected official hotlines, where often PESEL number is used for verification.