McDonald’s experienced a security breach in its AI-powered chatbot hiring system, exposing the personal details of around 64 million job applicants.
The breach, discovered in the McHire platform developed by Paradox.ai, revealed critical flaws in the system's security, including default login credentials and a vulnerability that allowed unauthorized access to sensitive applicant data.
Security researchers uncovered the exposure by exploiting an insecure direct object reference (IDOR) vulnerability, which let them retrieve applicant data such as names, email addresses, phone numbers, and transcripts of chats with the AI chatbot.
Following the discovery, McDonald’s and Paradox.ai promptly patched the vulnerabilities and replaced the default credentials with secure ones. The incident underscores the risks of lax security in AI systems and highlights the need for robust cybersecurity measures in the age of automation.
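The IDOR class of flaw described above is easiest to understand side by side with its fix. The following is an added example and not code from the page, from McDonald’s, or from Paradox.ai: a toy applicant-record lookup in which the insecure version returns any record for a client-supplied id, while the hardened version checks that the caller is either that applicant or a recruiter for the same employer. It also includes a small detector that reads constructed access-log lines and flags sessions that walk through many distinct applicant ids, the pattern an IDOR enumeration leaves behind. All record contents, principals, and log lines are constructed for the example.

```python
"""
Added example (not the page's or the vendor's code): an IDOR-vulnerable
lookup beside an authorization-checked one, plus a log-based detector
for id enumeration. All data below is constructed.
"""
from collections import defaultdict
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Applicant:
    applicant_id: int
    employer_id: str
    name: str
    email: str
    chat_log: str


@dataclass(frozen=True)
class Principal:
    user_id: str
    role: str                            # "applicant" or "recruiter"
    applicant_id: Optional[int] = None   # set for applicants
    employer_id: Optional[str] = None    # set for recruiters


# Constructed sample records; ids are sequential on purpose, which is
# exactly what makes them guessable if authorization is missing.
APPLICANTS = {
    1001: Applicant(1001, "store-42", "Alice Example", "alice@example.invalid", "hi"),
    1002: Applicant(1002, "store-42", "Bob Example", "bob@example.invalid", "hello"),
    1003: Applicant(1003, "store-77", "Cara Example", "cara@example.invalid", "hey"),
}


class Forbidden(Exception):
    pass


def get_applicant_insecure(principal: Principal, applicant_id: int) -> Applicant:
    """IDOR: the record is selected purely by the client-supplied id.
    Being logged in as anyone is enough to read every applicant."""
    return APPLICANTS[applicant_id]


def is_authorized(principal: Principal, record: Applicant) -> bool:
    """Applicants may read only their own record; recruiters only records
    belonging to the employer they are scoped to."""
    if principal.role == "applicant":
        return principal.applicant_id == record.applicant_id
    if principal.role == "recruiter":
        return principal.employer_id == record.employer_id
    return False


def get_applicant_secure(principal: Principal, applicant_id: int) -> Applicant:
    """Hardened lookup: the same response for 'missing' and 'not yours',
    so the endpoint does not confirm which ids exist."""
    record = APPLICANTS.get(applicant_id)
    if record is None or not is_authorized(principal, record):
        raise Forbidden(f"applicant {applicant_id}")
    return record


def denied(principal: Principal, applicant_id: int) -> bool:
    """True if the secure lookup refuses the request."""
    try:
        get_applicant_secure(principal, applicant_id)
    except Forbidden:
        return True
    return False


def find_enumerators(log_lines: List[str], threshold: int = 3) -> List[str]:
    """Flag sessions that read at least `threshold` distinct applicant ids.
    Constructed log format: '<session> GET /api/applicants/<id> <status>'."""
    ids_by_session = defaultdict(set)
    for line in log_lines:
        parts = line.split()
        if len(parts) != 4 or parts[1] != "GET":
            continue
        session, path = parts[0], parts[2]
        prefix = "/api/applicants/"
        if not path.startswith(prefix) or not path[len(prefix):].isdigit():
            continue
        ids_by_session[session].add(int(path[len(prefix):]))
    return sorted(s for s, ids in ids_by_session.items() if len(ids) >= threshold)


# Constructed access-log sample: one normal session, one walking the id space.
SAMPLE_LOG = [
    "sess-alice GET /api/applicants/1001 200",
    "sess-alice GET /api/applicants/1001 200",
    "sess-scan GET /api/applicants/1001 200",
    "sess-scan GET /api/applicants/1002 200",
    "sess-scan GET /api/applicants/1003 200",
    "sess-scan GET /api/applicants/1004 404",
]

if __name__ == "__main__":
    alice = Principal("u-alice", "applicant", applicant_id=1001)
    print("insecure:", get_applicant_insecure(alice, 1002).name)   # leaks Bob
    print("secure denied:", denied(alice, 1002))                  # True
    print("enumerating sessions:", find_enumerators(SAMPLE_LOG))  # ['sess-scan']
```

Two design points worth noting. First, the authorization check lives in the handler that fetches the record, keyed on the authenticated principal rather than on anything the client sends; a check done only in the front end, or only on the listing page, leaves the direct lookup open. Second, the hardened version returns the same error whether the id is missing or belongs to someone else, so responses do not act as an oracle for which ids exist. The detector is a coarse heuristic: a recruiter legitimately reviewing many candidates will also touch many ids, so the threshold and the employer scope of the session should be tuned against real traffic before alerting on it.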