McDonald’s AI Hiring Bot Exposed with ‘123456’ Password — Millions of Job‑Seekers’ Data at Risk

A shocking security vulnerability in McDonald’s AI-powered hiring system has exposed the personal information of millions of job applicants, after security researchers discovered they could access the entire database using the laughably weak password “123456.”

The breach affects McHire.com, McDonald’s primary recruitment platform used by franchisees nationwide, where an AI chatbot named “Olivia” screens potential employees.

Security researchers Ian Carroll and Sam Curry revealed Wednesday that they gained administrator access to the system operated by artificial intelligence firm Paradox.ai through elementary hacking techniques that took just 30 minutes to execute.

Massive Data Exposure

The vulnerability exposed approximately 64 million records containing applicants’ names, email addresses, phone numbers, and complete chat histories with the AI recruiter.

Carroll and Curry accessed the system after trying common login credentials, with the username and password combination “123456” providing immediate entry to Paradox.ai’s backend infrastructure.

“I ...