McDonald’s AI hiring chatbot exposed 64M job applicants’ personal data

McDonald’s AI hiring chatbot exposed the personal data of millions of job applicants due to laughably weak security measures, including a password set to “123456.” Security researchers Ian Carroll and Sam Curry discovered they could access up to 64 million applicant records through the McHire platform built by Paradox.ai, a software company that creates AI-powered hiring tools, potentially exposing names, email addresses, and phone numbers of people who applied for McDonald’s jobs over several years.

What you should know: The security breach occurred through basic vulnerabilities that should never exist in enterprise systems handling sensitive data.

• Researchers gained administrator access to Paradox.ai’s backend systems by simply guessing common login credentials, with “123456” as both username and password working on their second attempt.
• The compromised account had no multifactor authentication and “had not been logged into since 2019 and frankly, should have been decommissioned,” according to Paradox.ai.
• Once inside, researchers could access any applicant’s chat logs and contact information by manipulating ID numbers in the system.

The scope of exposure: The vulnerable database contained records spanning years of McDonald’s job applications through the AI-powered McHire system.

• Researchers identified over 64 million applicant ID numbers, though Paradox.ai says only a fraction contained personal information.
• The exposed data included applicants’ names, email addresses, phone numbers, and complete chat histories with the Olivia AI chatbot.
• Two applicants contacted by WIRED confirmed they had applied for McDonald’s jobs on the dates specified in their exposed records.

Why this matters: The breach creates significant risks for vulnerable job seekers who could be targeted by sophisticated phishing scams.

• Fraudsters could impersonate McDonald’s recruiters and request financial information for fake direct deposit setups, exploiting applicants’ eagerness for employment.
• “If you wanted to do some sort of payroll scam, this is a good approach,” Curry explained, noting the heightened vulnerability of people actively seeking employment.
• The exposure also carries potential embarrassment for applicants whose job-seeking attempts at minimum-wage positions were made visible.

How the discovery happened: Carroll initially investigated the system after seeing Reddit complaints about the AI chatbot’s poor performance with job applicants.

• “I just thought it was pretty uniquely dystopian compared to a normal hiring process, right? And that’s what made me want to look into it more,” Carroll said.
• After testing unsuccessfully for AI prompt injection vulnerabilities, the researchers noticed a Paradox.ai staff login link and decided to try common credentials.
• “So I started applying for a job, and then after 30 minutes, we had full access to virtually every application that’s ever been made to McDonald’s going back years,” Carroll explained.

What they’re saying: Both companies acknowledged the severity of the breach and took responsibility for the failures.

• “We do not take this matter lightly, even though it was resolved swiftly and effectively,” said Stephanie King, Paradox.ai’s chief legal officer. “We own this.”
• McDonald’s expressed disappointment with their vendor: “We’re disappointed by this unacceptable vulnerability from a third-party provider, Paradox.ai.”
• The companies confirmed that Paradox.ai verified the compromised account “was not accessed by any third party” other than the security researchers.

The bigger picture: This incident highlights the risks of deploying AI systems without proper security foundations, especially when handling sensitive personal data.

• Paradox.ai announced it’s implementing a bug bounty program to better identify security vulnerabilities in the future.
• The breach was resolved on the same day it was reported to McDonald’s, according to the company’s statement.
• Carroll noted his respect for McDonald’s workers despite the security issues: “I have nothing but respect for McDonald’s workers. I go to McDonald’s all the time.”