The personal data of McDonald’s customers — including emails and phone numbers — has been “obtained by an unauthorized third party,” the chain has told its most loyal burger fans.

Late Friday, McDonald’s sent an email to customers notifying them of the hacking, and warned them to be cautious of any person claiming to be from “McDonald’s asking for personal or financial information.”

Arc Worldwide, a long-time business partner of McDonald’s, told the chain that information it collects in connection with certain McDonald’s websites and promotions was obtained by an unauthorized third party.

“Unfortunately, a third party was able to defeat the security measures put in place by the email database management firm to protect the information you provided to us,” McDonald’s stated on its website.

The data collected includes “information required to confirm your age, a method to contact you (such as name, mobile phone number, and postal address and/or email address), and other general preference information,” McDonald’s said.

McDonald’s declined to say Sunday how many people were impacted by the hacking. Likely thousands received the email, as it’s common for fans to sign-up for special email promotions via the chain’s website. The websites where customers entered data include: McDonalds.com, 365Black.com, McDonalds.ca, mcdonaldsmom.com, mcdlive.com, monopoly.com, playatmcd.com, or meencanta.com.

In a statement to the media, McDonald’s said: “It is important to note that the information in the database did not include Social Security Numbers, credit card numbers, or any sensitive financial information. The incident has resulted in an investigation by law enforcement authorities. Arc and McDonald’s are cooperating with the appropriate authorities as we work to protect our valued customers. We are also working with Arc and their database management firm to understand how the security was bypassed. We take the security of our customer information very seriously, and we will continue to cooperate with the investigation and with the appropriate authorities.”

McDonald’s asked customers to call this number to report any suspicious contact from anyone pretending to represent the chain: 800-244-6227.

Tell us: Did you get an email from McDonald’s about this incident?

Join the conversation: Follow the Fast Food Maven on Twitter and Facebook for real-time information on local food news, trends and deals.

More McDonald’s stories:

See this post in its original form, and read more on Fast Food Maven.