The information included names, addresses, email addresses, phone numbers and employment backgrounds of candidates who applied online for jobs at McDonald's Canada restaurants between March 2014 and March 2017.
The careers website was shut down after McDonald's learned of the attack, and will remain closed until an ongoing investigation is complete, the unit said.
The company said it currently had no evidence that the information taken had been misused.
McDonald's Canada said its job application forms do not ask for sensitive personal information such as social insurance numbers, banking or health information.
McDonald's said earlier this month its official Twitter handle was compromised after a tweet sent from the account slammed U.S. President Donald Trump.
(Reporting by Vishaka George and Anya George Tharakan in Bengaluru; Editing by Sai Sachin Ravikumar)
(This story has not been edited by NDTV staff and is auto-generated from a syndicated feed.)