Ordering food through the app seems like a very convenient option to get what you like. For fans of their products, McDonald’s Canada has developed such an app that allows customers to place mobile orders. However, canadian McDonald’s app was hacked by so-called “Vorburger” (Hamburglars), and a bill for the order is a very different people.
There have been several occasions when the account of the person in the application, which includes additional payment information from a debit or credit card, was hacked by a third party, which has used this account to place orders, sometimes in other provinces.
Patrick O’rourke, a journalist with resource Mobile syrup, explained how he used his data in the application. While O’rourke lives in Toronto, someone in Montreal used billing information in his account to place orders in the amount of $2,000.
Similarly, someone in Quebec Laval did through the app McDonald’s order for $ 100, and the amount for it appeared on the account of Patty Duke, a resident of Ontario.
“At first I thought it was a mistake because I couldn’t believe that I placed four separate orders in the same McDonald’s a few minutes,’ said the Duke CTV News. – This doesn’t make any sense.”
There were other cases when the application users have hacked the account, and a number of orders were made somewhere in Quebec. Some customers have shared their frustration on Twitter and got responses from McDonald’s Canada.
“@McDonalds @McDonaldsCanada Woke up today and found the app that I was charged $25 for ordering in Quebec. I live in Winnipeg. I have known three such cases, including my own,” wrote Twitter user @im_FFBF00.
“@McDonaldsCanada I’m so disappointed with the level of security your application! It just gets hacked and the hacker was able to purchase nearly $100, and I can’t login to your account to delete your billing information or change your password! 😡😡😡😡😡😡😡” – wrote @Shan_104.
McDonald’s Canada responded to both the tweet asking for more information.
In a letter to the editor Narcity on the Raimo Boussoufa (Ryma Boussoufa), press Secretary for McDonald’s Canada, wrote: “Although we know about the individual cases of unauthorized transactions, we remain confident in the security of our application.”
Boussoufa encouraged customers to use more secure passwords for their accounts, and not to tell anyone their passwords.
“If the user was faced with a unauthorized transaction, it must notify its financial institution that will conduct the investigation, wrote Boussoufa in the same letter. In some cases we can offer discounts as compensation for giving users the inconvenience.”
On Twitter, McDonald’s Canada representative said they can’t provide a refund because of how their application, writing: “the Payment information entered in the application is not stored in our system. Our system has a unique token exchange information with your payment provider that allows you to make purchases through the app. This token works only in one direction, and we can’t zero out the invoice. Only the payment provider may cancel the payment”.
Earlier McDonald’s used this application for promotional purposes, such as offer customers free fries and cheeseburgers. They also used the app to entertain its customers free coffee.