McDonald's app customers are getting their accounts hijacked by hackers who spent as much as $2,000 on enormous orders of Big Macs and nuggets
- McDonald's app users are being targeted by hackers who order more than $2,000 worth of meals and leave no trace.
- The "My McD's" app in Canada can be used to pre-order food and drink for collection, and stores credit card information for payments.
- So far in 2019 there have been dozens of reports on Twitter, App Store reviews, and Reddit that the app is often the target of hackers.
- McDonald's says it is "aware" of the reports but is "confident in the security of the app."
- On some occasions, McDonald's Canada has refused to refund fraudulent transactions and urged users to contact their banks for compensation.
- Visit Business Insider's homepage for more stories.
Users of a McDonald's app in Canada are having their accounts commandeered by hackers who are using the accounts to order food for themselves, racking up bills in excess of CAD $2,000.The scammers appear to quietly access the accounts and then make many regular-sized orders costing around $20 a time. Victims say they didn't notice the money leaving their accounts, sometimes for weeks.Advertisement
Over several months, users of the My McD's app say they've been scammed and charged for orders they didn't make, and have posted screenshots of the receipts online.
Most recently, Patrick O'Rourke, a technology journalist, was charged for 100 separate meals, totalling $2,000, at a branch in Montreal between April 12-18."McDonald's should at least be sending out a mass email to everyone that has the account [to say], 'Hey, you should reset your password'," he told CBC.On many occasions, including with O'Rourke, McDonald's Canada has said it would not refund the transactions, and has urged app users to seek compensation from their bank instead.Advertisement
The number of people who say their accounts have been breached is increasing by the day.
AP Photo/Ng Han Guan
Taylor lives in Halifax, Nova Scotia, but the food was ordered from a restaurant in Quebec, more than 550 miles away. "It's amazing to see how quick someone can just breach your privacy," she told CBC,.she told CTV.Advertisement
MyMcD's app user Brett O'Donnell was the target of scammers on January 17. He only lost $50, but told CBC that ihe missed the rogue transactions because receipt emails were landing in his spam inbox.Advertisement
"I expected them to do the refund because it was their fault," he stressed. "It's their application. If it's not secure, they should take responsibility."Read more: McDonald's lost a 'David versus Goliath' trademark battle over Big Macs to a small Irish rival called Supermac'sMany others complained to McDonald's online.Advertisement
McDonald's Canada spokesman Adam Grachnik told CBC:
"While we are aware that some isolated incidents involving unauthorized purchases have occurred, we are confident in the security of the app. We do take appropriate measures to keep personal information secure.""Similar to other apps, we are constantly improving the My McD's App and updating it with enhancements to make the user experience as strong and safe as possible."Advertisement
Business Insider contacted McDonald's Canada for comment but is yet to receive a response.
@McDonalds my mobile app account was compromised and someone that wasn't me ordered food off of my card. I changed my password - now how do I get my money back?- Justin Amaker (@JustinAmaker) April 20, 2019
me too! I cancelled my card as soon as I got an email receipt for a meal i didn't order in a city thousands of miles away- Jasna Todorović (@JasnaTod) April 23, 2019
@McDonalds Hi, my MyMcDs account got breached and I was wondering if I could just delete the account, as I don't really use it anyway.- Kyle Hatt (@KnightofNightz0) April 25, 2019
@McDonalds you need to fix your MyMcD's app. Every time I use this app, my credit card gets compromised by someone in Quebec. 4 times already in 2019! This is ridiculous.- Ian (@i_g_miller) April 8, 2019
- Two foreigners held for drug peddling
- Bio-secure bubbles – Here's how IPL players will be staying safe during the pandemic
- INTERVIEW: Chennai-based CAMS’ 30-year journey to an IPO
- Amazon pumps in money into MORE to take on the heavyweights Reliance Retail and DMart
- 30 COVID vaccine candidates being developed: Health Ministry