McDonald’s hiring system exposes millions

A major data breach in McDonald’s AI hiring platform exposed 64 million job applications. Learn how weak security led to the leak.

11-07-2025 - 4 minute read. Posted in: cybercrime.

Security flaw in McDonald’s AI hiring tool exposes millions of applicants

A weak password and an insecure API exposed sensitive applicant data on a massive scale.

McDonald’s uses an AI chatbot called Olivia to handle job applications through its platform McHire. But recent research revealed that this system left personal data from millions of applicants exposed due to basic security oversights. Two security researchers, Ian Carroll and Sam Curry, discovered that anyone could access the backend of McHire using the most predictable password combination: 123456.

Once inside, the researchers found that the admin portal not only accepted weak credentials but also contained an insecure direct object reference, or IDOR: the portal trusted the user ID supplied in a request without checking that the caller was entitled to that record, so changing the ID returned data belonging to other applicants. In total, the platform may have exposed as many as 64 million job applications.
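As an added illustration (not McHire's or Paradox.ai's code), the handlers below model the IDOR pattern described above: one endpoint authenticates the caller and then returns whichever applicant ID was requested, while the hardened version also checks that the caller owns (or is authorized to see) that record. The applicant records, session tokens and `AccessDenied` class are constructed for the example.

```python
from dataclasses import dataclass, field

@dataclass
class Applicant:
    applicant_id: int
    name: str
    email: str
    chat_history: list = field(default_factory=list)

# Constructed sample store (placeholder data, not real applicants).
APPLICANTS = {
    1001: Applicant(1001, "Applicant A", "a@example.invalid", ["Morning shifts preferred"]),
    1002: Applicant(1002, "Applicant B", "b@example.invalid", ["Available weekends"]),
}

# Constructed session table: token -> (owning applicant id, role).
SESSIONS = {
    "tok-a": (1001, "applicant"),
    "tok-b": (1002, "applicant"),
    "tok-admin": (None, "admin"),
}

DENIED = []  # audit trail of refused lookups; a burst of these is an enumeration signal

class AccessDenied(Exception):
    pass

def _authenticate(session_token):
    if session_token not in SESSIONS:
        raise AccessDenied("not authenticated")
    return SESSIONS[session_token]

def get_application_vulnerable(session_token, requested_id):
    """IDOR: authenticates the caller, then returns whichever id was asked for."""
    _authenticate(session_token)
    return APPLICANTS[requested_id]  # no check that the caller may see this record

def get_application_hardened(session_token, requested_id):
    """Authenticates, then enforces object-level authorization on the requested id."""
    caller_id, role = _authenticate(session_token)
    record = APPLICANTS.get(requested_id)
    # Refuse "wrong owner" and "no such record" identically so a caller
    # cannot learn which ids exist by probing.
    if record is None or (role != "admin" and caller_id != requested_id):
        DENIED.append((session_token, requested_id))
        raise AccessDenied("no such application for this caller")
    return record
```

The vulnerable handler hands applicant 1002's record to a session that owns 1001; the hardened one refuses and records the attempt.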

What was exposed

The data included names, email addresses, phone numbers, home addresses, shift preferences, and chat history with the AI assistant. The researchers were also able to obtain authentication tokens that could have been used to log in as specific applicants.

This type of access could enable attackers to impersonate job seekers, extract further personal details, or launch convincing phishing campaigns. While no malicious exploitation has been confirmed, the potential impact is significant.

Exposing this kind of personal data is especially serious because it gives cybercriminals everything they need to launch targeted attacks. With access to contact information and behavioural details, attackers can tailor their messages to appear more legitimate and trustworthy. If you want to understand what counts as personal data and why it matters, we’ve written a detailed guide on what personal data is.

Phishing is one of the most common follow-up threats after a data leak like this. When attackers already have names, email addresses and context, it becomes much easier to trick victims into handing over more information or clicking malicious links. To learn how phishing works and how to spot it, you can read our guide to phishing.

AI convenience with human risk

The breach is a clear example of how digital convenience can create new vulnerabilities when not paired with strong cybersecurity practices. AI tools like Olivia are increasingly used in recruitment, but the systems that support them must follow security protocols just like any other enterprise application.

The issue was not a complex zero-day vulnerability or a sophisticated intrusion. It was a result of forgotten test accounts, poor access controls, and a lack of oversight.

Rapid response, but deeper concerns

Paradox.ai, the company behind McHire, responded quickly after being contacted by the researchers. The vulnerable account was disabled the same day, and the flaw was fully patched within 48 hours. McDonald’s issued a statement confirming that the issue was caused by a third-party vendor and stressed its commitment to data protection.

Still, the incident raises questions about how organizations monitor the security practices of their vendors. Carroll and Curry found that the exposed admin account had existed since 2019 and was never decommissioned. This is a common security blind spot.

The risks of AI-powered hiring platforms

The McHire breach highlights the specific risks of AI systems that handle sensitive data. Unlike traditional web applications, AI platforms often involve real-time data processing, behavioral assessments, and automated decision-making. If these systems are not secured properly, they can become targets for attackers and a liability for the companies that use them.

Job application data is especially sensitive because it often involves young people or individuals in financially vulnerable situations. Leaked information can be used to create highly targeted phishing attacks that exploit users’ expectations during the hiring process.

What businesses should learn

The McDonald’s case offers three key lessons:

  1. Never use default credentials in production environments. Even in test environments, weak passwords pose a serious risk.

  2. Third-party vendors must be held to the same security standards as internal teams. Security responsibility cannot be outsourced.

  3. AI systems must be designed with security from the start. This includes authentication, access control, and regular audits.

McHire was designed to improve hiring efficiency, but this incident shows how quickly things can go wrong when security is an afterthought. Organizations must treat every system that handles personal data as a high-risk asset and ensure it is protected accordingly.

At Moxso, we believe that even the most advanced tools must rest on strong security foundations. AI is not inherently insecure, but it must be governed with the same level of caution and discipline as any other critical system.

Author Sarah Krarup

Sarah studies innovation and entrepreneurship with a deep interest in IT and how cybersecurity impacts businesses and individuals. She has extensive experience in copywriting and is dedicated to making cybersecurity information accessible and engaging for everyone.
