The AI Hiring Bot Has Millions of Sensitive Data Records Exposed
10 July 2025 - Reading time: 5 minutes
TL;DR: Multiple vulnerabilities found in McDonald's AI-powered hiring system exposed data of 64 million job applicants. Security issues, such as weak passwords and a lack of robust security design, leave sensitive information exposed in the wild. This exercise is (one more) wake-up call for companies to reassess their reliance on automated systems and take concrete steps to protect sensitive information. [Source].
Cybersecurity is never limited to just IT systems but extends to all corporate environments. This story is about hacking an automated AI-driven hiring mechanism. Imagine a scenario where you apply for a job online only to find your sensitive personal data - name, email address and phone number - being shared without your consent on the dark web. Sounds far-fetched? Unfortunately not. The recent exercise shows that 64 million applicants' personal data records in McDonald's AI hiring system, McHire, could have been easily compromised.
Not-So-Tasty Recruitment System
Security researchers Ian Carroll and Sam Curry found that the McDonald's McHire platform, developed by AI software company Paradox.ai, had numerous (basic!) security vulnerabilities, enabling hackers to breach the applicant database with a simple administrator password like "123456." After gaining access to the McHire system, security researchers uncovered an Insecure Direct Object Reference (IDOR) vulnerability within the applicant database. By enumerating the applicant ID, they were able to access all the database records. This flaw enabled access to a massive amount of sensitive personal information, including names, email addresses, phone numbers, and chat logs spanning several years. Needless to say, the accessed data in the wrong hands could be easily exploited for phishing, fraud, or other malicious activities. Both McDonald’s and Paradox.ai recognised the gravity of exposing sensitive applicant data and the critical nature of the incident. McDonald's expressed disappointment regarding the security lapses of its third-party vendor, but would it change much?
How on Earth is This Possible?
The answer lies in a well-known security flaw: a weak username and password combination as simple as the immortal "123456". The researchers discovered these vulnerabilities by using a trivial dictionary attack - a "traditional" and basic technique where an attacker uses words and common patterns to identify weak passwords. Success after 30 minutes - not bad!
Reading between the lines, the ease of this breach might suggest deeper issues in the platform’s development process, potentially stemming from an over-reliance on AI-driven code generation. It’s plausible to assume that the security flaws emerged due to automated programming tools producing insecure code. In an AI-driven development environment, algorithms may prioritise functionality and speed over security, inadvertently embedding multiple vulnerabilities if not rigorously checked. The lack of robust human control and supervision in the SDLC could have led to a failure to enforce the necessary secure coding standards.
Recommendations? Elementary, my dear Watson.
How do we protect ourselves from falling victim to such security threats? The answer lies in taking simple, very well-known, yet effective measures to safeguard our businesses.
To prevent cybersecurity issues, organisations should enforce strong password policies with complex, lengthy passwords and multi-factor authentication. It is important to secure access to all sensitive resources (especially databases) with role-based access control. It is important not to forget about running regular security audits: conducting penetration testing (PT), automated vulnerability scans (VA), and engaging third-party security firms - it will tremendously help to identify weaknesses at the early (development) stages. And please always remember about employee training on secure practices and phishing awareness. The training can work best if combined with an existing robust incident response plan that ensures quick action during breaches.
Separate words should be said about having a secure software development lifecycle (SDLC) in place, as it integrates security practices at every stage of software development: from design to deployment. By incorporating threat modelling, secure coding standards, and regular security testing, it is possible to substantially reduce the risk of exploitable flaws much earlier (and cheaper).
So we, humans, are still needed! To me, this all highlights the necessity of integrating human expertise into modern "AI-assisted software development". Otherwise, we will have more opportunities to log in with "123456" to mission-critical systems and see more catastrophic breaches that expose sensitive data.