Data Of 64 Million McDonald’s Job Applications Exposed

More than 64 million McDonald’s job applicants across the United States may have had their personal information exposed after cybersecurity researchers discovered serious security vulnerabilities in McHire, the fast-food giant’s AI-powered hiring platform.

Weak Credentials Unlock Admin Access

Security researchers Ian Carroll and Sam Curry found that the McHire admin panel, which restaurant owners use to manage applications, accepted the default credentials username “123456” and password “123456”.

For those unaware, McHire, used by 90% of McDonald’s franchisees, is a chatbot-based hiring platform powered by Paradox.ai. It features a bot named ‘Olivia’ that collects applicant data, shift preferences, and conducts personality tests as part of the job application process.

Using those credentials, the researchers logged into a test restaurant account and found they could view and interact with live chat data between Olivia and applicants. They then discovered an Insecure Direct Object Reference (IDOR) vulnerability on an internal API: anyone holding a McHire account could read any applicant’s personal data and chat history simply by changing a numeric identifier in the API request.

“During a cursory security review of a few hours, we identified two serious issues: the McHire administration interface for restaurant owners accepted the default credentials 123456:123456, and an insecure direct object reference (IDOR) on an internal API allowed us to access any contacts and chats we wanted,” Carroll wrote in a post about the flaw.

“Together they allowed us and anyone else with a McHire account and access to any inbox to retrieve the personal data of more than 64 million applicants.”

In other words, the API looked up records by a sequential lead_id and never checked that the requested record belonged to the caller’s own restaurant inbox. By modifying the lead_id in a browser request, incrementing or decrementing the number, the researchers could walk through personal information of other applicants across the entire system. This included names, emails, phone numbers, home addresses, job application status, and even login tokens that could allow them to impersonate the applicants in the system.

While applicants believed they were chatting safely, their conversations and data were accessible to anyone who found the test login and manipulated the exposed API.
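The IDOR described above, modelled as an added example. This is not McHire or Paradox.ai code: the record layout, the names Lead, Session, get_lead_vulnerable, get_lead_fixed and enumerate_leads, and the sample records are all assumptions made for the demonstration. The vulnerable handler authenticates the caller but never ties the requested object to the caller's tenant; the fixed handler checks ownership on every fetch, and the enumerator shows the difference when a range of ids is walked the way the researchers did.

```python
"""Added example (hypothetical code, not the platform's own): an IDOR on a
per-object lookup, beside the hardened version of the same endpoint."""
from __future__ import annotations

from dataclasses import dataclass
from typing import Callable, Optional


@dataclass(frozen=True)
class Lead:
    lead_id: int
    restaurant_id: str   # which franchisee inbox this applicant belongs to
    name: str
    email: str
    phone: str


@dataclass(frozen=True)
class Session:
    account: str
    restaurant_id: str   # the only inbox this login is entitled to see


# Constructed sample data (not real applicants): sequential ids across two stores.
LEADS = {
    1001: Lead(1001, "store-A", "Alice Example", "alice@example.com", "555-0101"),
    1002: Lead(1002, "store-B", "Bob Example", "bob@example.com", "555-0102"),
    1003: Lead(1003, "store-B", "Carol Example", "carol@example.com", "555-0103"),
    1004: Lead(1004, "store-A", "Dan Example", "dan@example.com", "555-0104"),
}


class Forbidden(Exception):
    """Raised by the fixed handler when the record is absent or not the caller's."""


def get_lead_vulnerable(session: Session, lead_id: int) -> Optional[Lead]:
    """IDOR: the caller is authenticated (we have a Session) but the lookup is
    keyed only on the client-supplied id, so any account can read any record
    by choosing the number."""
    return LEADS.get(lead_id)


def get_lead_fixed(session: Session, lead_id: int) -> Lead:
    """Authorization on every object fetch: the record must belong to the tenant
    the session is scoped to. Using one error for 'not found' and 'not yours'
    also stops the endpoint acting as an oracle for which ids exist."""
    lead = LEADS.get(lead_id)
    if lead is None or lead.restaurant_id != session.restaurant_id:
        raise Forbidden(f"lead {lead_id} is not accessible from this account")
    return lead


def enumerate_leads(fetch: Callable[[Session, int], Optional[Lead]],
                    session: Session, start: int, stop: int) -> list[int]:
    """Walk a contiguous id range and return the ids that yielded a record.
    Against the vulnerable handler this returns every existing id; against the
    fixed handler only the caller's own inbox leaks through."""
    leaked = []
    for lead_id in range(start, stop + 1):
        try:
            lead = fetch(session, lead_id)
        except Forbidden:
            continue
        if lead is not None:
            leaked.append(lead_id)
    return leaked


if __name__ == "__main__":
    # A low-privilege login for one store, like the test account in the article.
    test_store = Session(account="123456", restaurant_id="store-A")
    print("vulnerable:", enumerate_leads(get_lead_vulnerable, test_store, 1000, 1010))
    print("fixed:     ", enumerate_leads(get_lead_fixed, test_store, 1000, 1010))
```

The ownership check is the essential fix; switching to random, non-sequential identifiers makes blind enumeration harder but is not a substitute for it, because any id that leaks (in a log, a referrer, a shared link) would still be readable by every account.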

Response And Measures Taken

The security researchers disclosed to both Paradox.ai and McDonald’s on June 30, and they responded swiftly. Within hours, the default credentials were disabled, and both vulnerabilities were reportedly fixed by July 1.

“We’re disappointed by this unacceptable vulnerability from a third-party provider, Paradox.ai. As soon as we learned of the issue, we mandated Paradox.ai to remediate the issue immediately, and it was resolved on the same day it was reported to us,” McDonald’s said in a statement about the research.

Paradox.ai claimed that most of the exposed chats did not contain personal information and emphasised that no evidence of malicious access was found beyond the researchers’ own testing. It said only a handful of sensitive records containing full candidate details were accessed during that testing.

“We want to be very clear that while the researchers may have briefly had access to the system containing all chat interactions (NOT job applications), they only viewed and downloaded five chats in total that had candidate information within. Again, at no point was any data leaked online or made public,” Paradox wrote in a security update.

Additionally, Paradox has promised stricter security protocols, a new bug bounty program, and more accessible disclosure channels. Meanwhile, McDonald’s stated it is reviewing its partnerships and promised to tighten oversight of its third-party providers and uphold strict data protection standards.

Kavita Iyer