McDonald’s faces backlash over AI hiring system security failures

A major security flaw in McDonald’s AI-driven recruitment platform has exposed the personal information of potentially 64 million job applicants.

The McHire platform, developed by Paradox.ai and powered by an AI chatbot named Olivia, suffered from basic authentication vulnerabilities and lacked critical security controls.

Security researchers Ian Carroll and Sam Curry discovered they could access the system using weak default credentials—simply the username and password ‘123456’.

The incident underscores serious cybersecurity lapses in automated hiring systems and raises urgent concerns about data protection in AI-powered HR tools. McHire is designed to streamline recruitment at McDonald’s franchise locations by using AI to screen candidates, collect contact details, and assess suitability.

The chatbot Olivia interacts with applicants using natural language processing, but users have often reported issues with miscommunication and unclear prompts. As a broader shift toward automation in hiring takes shape, McHire represents an attempt to scale recruitment efforts without expanding HR staff.

However, according to the researchers’ findings, the system’s backend infrastructure—housing millions of résumés, chat logs and assessments—was critically unprotected.

After prompt injection attacks failed, the researchers focused on login mechanisms and discovered a Paradox.ai staff portal linked from the McHire homepage.

Using simple password combinations and dictionary attacks, they could access the system with the password ‘123456’, bypassing standard security protocols. More worryingly, the account lacked two-factor authentication, enabling unrestricted access to administrative tools and candidate records.

From there, the researchers found an Insecure Direct Object Reference (IDOR) vulnerability that allowed traversal of the applicant database by manipulating ID numbers.

By increasing the numeric applicant ID above 64 million, they could view multiple records containing names, email addresses, phone numbers and chat logs. Although only seven records were considered during the test, five included personally identifiable information, highlighting the scale of the exposure.

Paradox.ai insisted that only a fraction of records held sensitive data, but the researchers warned of phishing risks linked to impersonation of McDonald’s recruiters. These could be used for payroll-related scams or to harvest further private information under false pretences.

McDonald’s acknowledged the breach and expressed disappointment in its third-party provider’s handling of basic security measures.

Paradox.ai confirmed the vulnerabilities and announced a bug bounty programme to incentivise researchers to report flaws before they are exploited. The exposed account was a dormant test login created in 2019 that had never been properly turned off—evidence of poor development hygiene.

Both companies have pledged to investigate the matter further and implement stronger safeguards, as scrutiny over AI accountability in hiring continues to grow.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!