It seems that data from McDonald's promotional database has been sticky fingered by thieves.
While no confidential data--such as credit card/banking, or Social Security numbers was included in the records, McDonald's says that it is warning its customers that the theft has compromised information such as customers' ages, phone numbers, email addresses and physical addresses they provided when signing up for promotions, such as its Monopoly game.
The fast food chain's agency, Arc Worldwide (a division of Leo Burnett) handled the compromised promotional email campaign. Arc, in turn, hired another firm to coordinate and distribute emails. It was that unnamed company whose records were accessed.
McDonald's apologized for the incident and is warning customers not to respond to requests for financial information pretending to be from McDonald's.