A security lapse in McHire, McDonald’s chatbot-powered recruitment platform, exposed personal data from more than 64 million job applicants. The breach combined two fundamental flaws: default administrator credentials and an insecure direct object reference (IDOR) vulnerability.
McHire, used by 90% of McDonald’s franchisees, lets candidates chat with a bot named Olivia, built by Paradox.ai, to apply for jobs, share personal details, and take a brief personality test.
Two independent security researchers, Ian Carroll and Sam Curry, uncovered the flaws during a brief, informal review after spotting user complaints about the chatbot’s erratic behavior on Reddit.
“123456” and You’re In
While exploring the platform, the researchers discovered that McHire’s administrative portal, meant for restaurant owners, accepted “123456” as both username and password. This granted them access to a test environment within the system, where they could view simulated applicant data, primarily Paradox.ai staff.
Still, this alone didn’t demonstrate a data leak. That came next.
A Simple IDOR with Massive Reach
Using the admin view, the researchers applied to one of the platform’s test job postings and examined the API used to retrieve applicant data. The vulnerability was simple. By modifying the lead_id parameter in a single API request, they could access the personal details of any applicant in the system.
Incrementing or decrementing the ID revealed full names, email addresses, phone numbers, home addresses, shift preferences, candidacy status, and even authentication tokens, essentially keys to impersonate applicants on the consumer side of the platform.
No rate-limiting. No authorization checks. Just an open door.
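To make the flaw concrete, here is an added example (not code from McHire or Paradox.ai) of a lead lookup that trusts the caller-supplied lead_id, beside a version that enforces object-level authorization, plus a small detector that flags callers walking through many distinct lead_ids in an access log. The record shapes, principal fields and log format are assumptions constructed for the example.

```python
"""Added example (not McHire/Paradox.ai code): IDOR on lead_id, its hardened
form, and a simple enumeration detector over constructed access-log lines."""
from collections import defaultdict

# Constructed sample data: each lead belongs to one applicant and one franchise.
LEADS = {
    1001: {"franchise": "F-01", "applicant": "alice", "email": "alice@example.com"},
    1002: {"franchise": "F-01", "applicant": "bob",   "email": "bob@example.com"},
    1003: {"franchise": "F-02", "applicant": "carol", "email": "carol@example.com"},
}

# Constructed log lines: "<actor> <lead_id> <http_status>".
SAMPLE_LOG = [
    "alice 1001 200",
    "bob 1001 200", "bob 1002 200", "bob 1003 200", "bob 1004 200",
]

def get_lead_vulnerable(lead_id):
    """The flawed pattern: any caller who knows (or guesses) an id gets the record."""
    return LEADS.get(lead_id)

def get_lead_secure(principal, lead_id):
    """Object-level authorization: return the lead only if the caller is the
    applicant who owns it, or an admin scoped to the franchise it belongs to.
    `principal` is an assumed shape, e.g. {"user": "alice", "role": "applicant"}
    or {"user": "mgr1", "role": "admin", "franchise": "F-01"}."""
    lead = LEADS.get(lead_id)
    if lead is None:
        return None
    role = principal.get("role")
    if role == "applicant" and principal.get("user") == lead["applicant"]:
        return lead
    if role == "admin" and principal.get("franchise") == lead["franchise"]:
        return lead
    # Forbidden looks identical to missing, so the id space cannot be probed.
    return None

def enumeration_suspects(log_lines, threshold=3):
    """Detection: actors that touched more than `threshold` distinct lead_ids,
    the signature of sequential id walking described in the article."""
    seen = defaultdict(set)
    for line in log_lines:
        actor, lead_id, _status = line.split()
        seen[actor].add(lead_id)
    return sorted(a for a, ids in seen.items() if len(ids) > threshold)
```

Run `enumeration_suspects(SAMPLE_LOG)` against the constructed log to see the actor cycling through ids flagged while the single-lookup applicant is not.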
No Security Page, No Disclosure Route
When the scope became clear, the researchers tried to contact Paradox.ai. The company’s website offered no security contact and, ironically, assured visitors they “do not have to worry about security.”
With no formal channel available, they emailed various Paradox employees. Once the right people were involved, the response was swift.
Fixes Came Quickly After Contact
The issue was disclosed on 30 June. Within hours, McDonald’s acknowledged receipt and asked for technical details. The test credentials were deactivated the same evening. By 1 July, Paradox.ai confirmed the vulnerabilities were fixed.
The researchers praised the response, noting that Paradox.ai committed to further audits to shore up their systems.
A Cautionary Tale
The incident is a textbook example of two security basics gone wrong: weak credentials and unprotected APIs. Yet the scale of the exposure, tens of millions of job seekers (many of them teenagers or first-time applicants), makes this more than a cautionary tale. It’s a reminder that trust in digital hiring platforms must be earned and secured, not assumed.
Paradox.ai has not publicly commented on the breach, but their swift behind-the-scenes remediation likely spared the company a deeper crisis.
In the meantime, job seekers using McHire may want to monitor for unusual activity, and hope Olivia isn’t still using “123456” to guard the front door.
FOMO to Blame?
Ilia Kolochenko, CEO at ImmuniWeb, believes the fear of missing out (FOMO) is poised to be the root cause of countless security incidents and data breaches when organizations rush to implement AI in a futile hope to cut costs, improve quality and impress investors at once.
“While modern-day AI certainly has a strong potential to accelerate and otherwise improve many existing business processes, its implementation requires a thorough and well-thought-out plan to address cybersecurity, data protection, privacy, compliance and legal aspects of the AI technology and its components.”
Kolochenko says this is not to mention AI-specific vulnerabilities and threats, like the bypass of LLM guardrails that lead to data extraction or misuse of LLMs. “While companies continue to prioritize speed over quality with AI implementation, the number of security incidents will exponentially grow, while lawyers, defending companies that experienced AI-related incidents, will likely be the only ones who will capitalize on the unfolding AI hype.”
A Broader Weakness
“This was some very interesting research,” adds Randolph Barr, Chief Information Security Officer at Cequence Security. “I actually walked through the application process and it looked simple and easy to engage and the situation is troubling on multiple levels.”
What stands out most for Barr is that a widely known OWASP Top 10 issue (the use of weak, guessable credentials like 123456) was allowed in a production system with no multifactor authentication (MFA). “That’s not just a technical oversight; it reflects a broader weakness in the security program itself.”
Barr says when foundational security practices like proper credential management, access control, and configuration hardening are missing, it raises serious questions: “What else might have been overlooked? If a security professional can spot such a basic misstep immediately, bad actors absolutely will — and they’ll be encouraged to dig deeper for other easy wins.”
Even though there’s no indication the data has been used maliciously yet, Barr says the scale and sensitivity of the exposure (~64 million applicants) could fuel targeted phishing, smishing/vishing, and even social engineering campaigns. “Combined with AI tooling, attackers could craft incredibly personalized and convincing threats.”
If something this basic made it through, it undermines confidence in the entire security posture, Barr adds. “It’s a reminder that in any system (especially those handling personal data) security fundamentals can’t be optional.”
AI Should Be Treated as a Regulated Asset
Kobi Nissan, Co-Founder & CEO at MineOS adds that when companies rush to deploy AI in customer-facing workflows without proper oversight, they expose themselves, and millions of users, to unnecessary risk. “The issue here isn’t the AI itself, but the lack of basic security hygiene and governance around it.”
Nissan says any AI system that collects or processes personal data must be subject to the same privacy, security, and access controls as core business systems. “That means authentication, auditability, and integration into broader risk workflows, not siloed deployments that fly under the radar. As adoption accelerates, businesses need to treat AI not as a novelty, but as a regulated asset, and implement frameworks that ensure accountability from the start.”
Cybersecurity Negligence
Evan Dornbush, former NSA cybersecurity expert and CEO of DesiredEffect, says: “While we all love a good burger, nobody wants their personal data served up with a side of cybersecurity negligence. Ironic McDonald’s is getting fried in tech circles, and rightfully so.”
He said this incident is a prime example of what happens when organizations deploy technology without understanding how it works or how it can be operated by untrusted users.
“Brands need to be thinking about vulnerabilities from the ground up, not just as an afterthought,” Dornbush adds. “This scenario underscores that reactive security is no longer enough. With AI systems handling millions of sensitive data points, organizations must invest in understanding and mitigating pre-emergent threats, or they’ll find themselves playing catch-up, with their customers’ trust on the line.”
Slow Down, and Secure it Properly
William Leichter, Senior Officer at PointGuard AI, has the final word. “This problem isn’t unique to AI, it’s a recurring pattern with every so-called ‘game-changing’ technology. The hype cycle drives organizations to deploy fast, chasing immediate gains while sidelining seasoned security professionals.”
He says we saw the same thing during the early rush to the cloud a decade ago, when developers uploaded sensitive data to Amazon S3 buckets without basic password protection. “Now, it’s AI’s turn: tools are being rolled out hastily, with immature controls and sloppy practices. The lesson is clear: slow down and secure it properly. Maybe incidents like this one will finally serve as the wake-up call we need.”
Information Security Buzz News Editor
Kirsten Doyle has been in the technology journalism and editing space for nearly 24 years, during which time she has developed a great love for all aspects of technology, as well as words themselves. Her experience spans B2B tech, with a lot of focus on cybersecurity, cloud, enterprise, digital transformation, and data centre. Her specialties are in news, thought leadership, features, white papers, and PR writing, and she is an experienced editor for both print and online publications.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.