The company said Friday the accessed information included names, addresses, phone numbers, employment histories and other standard job application information of those who applied online between March 2014 and March 2017.
The site doesn't collect social insurance numbers, banking information or health information, McDonald's said in a statement.
“At this time, we have no information that the information taken has been misused,” the statement said. “We apologize to those impacted by this incident.”
It said all applicants directly affected by the privacy breach would be notified by mail, or through other contact information, such as email or phone, if a mailing address wasn't provided on the application form.
McDonald's also said applicants impacted by the breach could call the company's dedicated assistance line.
McDonald's said the site was shut down immediately and an investigation was launched when they learned of the breach.
“The careers webpage will remain shut down until the investigation is complete and appropriate measures are taken to ensure that this type of security breach does not happen again,” McDonald's said.
The company said privacy commissioners in every jurisdiction have been notified about the security breach.
It's advising anybody interested in applying for a job to do so in person at any McDonald's Canada restaurant.
McDonald's has more than 1,400 restaurants in Canada and more than 80,000 Canadian employees.