McDonald's has also alerted potentially affected customers via e-mail and .
"We have been informed by one of our long-time business partners, Arc Worldwide, that limited customer information collected in connection with certain McDonald’s websites and promotions was obtained by an unauthorized third party," a McDonald's spokeswoman said via e-mail on Saturday.
McDonald's hired Arc to develop and coordinate the distribution of promotional e-mail messages, and Arc in turn relied on an unidentified e-mail company to manage the customer information database. This e-mail company's systems were hacked into.
The data, which customers had provided voluntarily, doesn't include Social Security Numbers, credit card numbers, nor any sensitive financial information, she said.
"Rather, the limited information includes what was required to confirm the customer’s age, methods to contact the customer, and other general preference information," the spokeswoman added.