6 Sources
[1]
AI chatbot's simple '123456' password risked exposing personal data of millions of McDonald's job applicants | TechCrunch
Security researchers found that they could access the personal information of 64 million people who had applied for a job at McDonald's, in large part by logging into the company's AI job hiring chatbot with the username and password "123456." Ian Carroll and Sam Curry wrote in a blog post that "during a cursory security review of a few hours," they found the password issue and another simple security vulnerability in an internal API, which allowed access to job applicants' past conversations with the chatbot, called McHire, supplied to McDonald's by Paradox.ai. The personal data seen by the researchers included applicants' names, email addresses, home addresses, and phone numbers. Paradox.ai wrote in a blog post that it resolved the issues "within a few hours" after the researchers' report, and that "at no point was candidate information leaked online or made publicly available."
[2]
McDonald's AI Hiring Bot Exposed Millions of Applicants' Data to Hackers Who Tried the Password '123456'
If you want a job at McDonald's today, there's a good chance you'll have to talk to Olivia. Olivia is not, in fact, a human being, but instead an AI chatbot that screens applicants, asks for their contact information and resumé, directs them to a personality test, and occasionally makes them "go insane" by repeatedly misunderstanding their most basic questions. Until last week, the platform that runs the Olivia chatbot, built by artificial intelligence software firm Paradox.ai, also suffered from absurdly basic security flaws. As a result, virtually any hacker could have accessed the records of every chat Olivia had ever had with McDonald's applicants -- including all the personal information they shared in those conversations -- with tricks as straightforward as guessing the username and password "123456." On Wednesday, security researchers Ian Carroll and Sam Curry revealed that they found simple methods to hack into the backend of the AI chatbot platform on McHire.com, McDonald's website that many of its franchisees use to handle job applications. Carroll and Curry, hackers with a long track record of independent security testing, discovered that simple web-based vulnerabilities -- including guessing one laughably weak password -- allowed them to access a Paradox.ai account and query the company's databases that held every McHire user's chats with Olivia. The data appears to include as many as 64 million records, including applicants' names, email addresses, and phone numbers. Carroll says he only discovered that appalling lack of security around applicants' information because he was intrigued by McDonald's decision to subject potential new hires to an AI chatbot screener and personality test. "I just thought it was pretty uniquely dystopian compared to a normal hiring process, right? And that's what made me want to look into it more," says Carroll. 
"So I started applying for a job, and then after 30 minutes, we had full access to virtually every application that's ever been made to McDonald's going back years." When WIRED reached out to McDonald's and Paradox.ai for comment, a spokesperson for Paradox.ai shared a blog post the company planned to publish that confirmed Carroll and Curry's findings. The company noted that only a fraction of the records Carroll and Curry accessed contained personal information, and said it had verified that the account with the "123456" password that exposed the information "was not accessed by any third party" other than the researchers. The company also added that it's instituting a bug bounty program to better catch security vulnerabilities in the future. "We do not take this matter lightly, even though it was resolved swiftly and effectively," Paradox.ai's chief legal officer, Stephanie King, told WIRED in an interview. "We own this." In its own statement to WIRED, McDonald's agreed that Paradox.ai was to blame. "We're disappointed by this unacceptable vulnerability from a third-party provider, Paradox.ai. As soon as we learned of the issue, we mandated Paradox.ai to remediate the issue immediately, and it was resolved on the same day it was reported to us," the statement reads. "We take our commitment to cyber security seriously and will continue to hold our third-party providers accountable to meeting our standards of data protection."
[3]
McDonald's AI hiring chatbot exposed data of 64 million applicants with "123456" password
Facepalm: Almost anyone who applied to work at McDonald's earlier this year may have exposed their name, phone number, email address, physical address, and other personal information. Security researchers effortlessly broke into the administrative system overseeing applicants' interactions with the generative AI chatbot that conducts most job interviews. Security researcher Ian Carroll successfully logged into an administrative account for Paradox.ai, the company that built McDonald's AI job interviewer, using "123456" as both a username and password. Examining the internal site's code quickly granted access to raw text from every chat it ever conducted. Job applications at 90 percent of McDonald's franchises conduct interviews with Paradox's AI chatbot, named Olivia. The AI collects names, locations, email addresses, phone numbers, shift availability, and other personal information before conducting rudimentary personality tests. Human overseers view and access this information using Paradox administrative accounts. Although McDonald's hiring website attempts to push users toward a single sign-on, Carroll noticed a link in small text that led to a separate Paradox employee login page. Shockingly, it accepted the default username and password, immediately revealing the system's inner workings. After discovering an API in the site's code, Carroll decremented the main parameter of an XHR request for a test chat, which granted access to Olivia's chat history for 64 million applicants. In addition to personal data, the leak also reveals authentication tokens and changes to employment status. Moreover, when Carroll attempted to alert Paradox to the breach, he was unable to find a security disclosure contact. The company's security page mostly consists of a simple assurance that users shouldn't need to worry about security. 
Eventually, after the researchers emailed "random people," Paradox and McDonald's confirmed that they resolved the issue in early July. Carroll also noticed Olivia's relatively limited range of responses, which have drawn ridicule online. One Redditor shared screenshots from a conversation where Olivia directed them toward the chain's hiring website, which sent them back to the chatbot. When the applicant complained, the AI responded nonsensically. Hiring is far from the only area where McDonald's has integrated AI into its operations. In March, the company announced plans to utilize the technology for administration, sensing equipment, checking orders, and other tasks. Last year, McDonald's ended tests for an AI drive-thru system developed by IBM. Despite the obvious dangers of using "123456" as a password, it still regularly appears in lists of the most common credentials.
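The access pattern described above, a client walking a numeric request parameter one step at a time, leaves a recognizable trace in API access logs. The following is an added example, not code from the article or from Paradox.ai: it parses constructed access-log lines and flags any session whose successful requests fetch a run of consecutive object IDs. The log format, the `/api/lead/<id>` path, the session identifiers and the sample lines are all assumptions made for illustration.

```python
"""Flag sessions that enumerate consecutive object IDs in an API access log.

Added example; the log format, path and sample lines below are constructed
and do not describe any real system.
"""
import re
from collections import defaultdict

# Constructed sample log: "<timestamp> <session> <method> <path> <status>".
# sess-a walks five IDs downwards one at a time; sess-b re-reads one record;
# sess-c is denied on a single request.
SAMPLE_LOG = """\
2025-06-30T10:00:01Z sess-a GET /api/lead/1005 200
2025-06-30T10:00:02Z sess-a GET /api/lead/1004 200
2025-06-30T10:00:03Z sess-a GET /api/lead/1003 200
2025-06-30T10:00:04Z sess-a GET /api/lead/1002 200
2025-06-30T10:00:05Z sess-a GET /api/lead/1001 200
2025-06-30T10:00:06Z sess-b GET /api/lead/1005 200
2025-06-30T10:01:00Z sess-b GET /api/lead/1005 200
2025-06-30T10:02:00Z sess-c GET /api/lead/12 403
"""

LINE_RE = re.compile(r"^(\S+) (\S+) (\S+) /api/lead/(\d+) (\d+)$")


def parse(log_text):
    """Return a list of (timestamp, session, method, object_id, status) tuples."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            ts, sess, method, obj_id, status = m.groups()
            events.append((ts, sess, method, int(obj_id), int(status)))
    return events


def find_enumeration(events, min_run=4):
    """Map each suspicious session to the length of its longest run of
    successfully fetched IDs that differ by exactly +1 or -1 in sequence.

    Only HTTP 200 responses count: a client probing IDs it is denied does not
    yet have the data, while a run of 200s means it is actually reading it.
    """
    by_session = defaultdict(list)
    for _, sess, _, obj_id, status in events:
        if status == 200:
            by_session[sess].append(obj_id)

    flagged = {}
    for sess, ids in by_session.items():
        best = cur = 1
        step = None  # direction of the current run: +1, -1 or None
        for prev, nxt in zip(ids, ids[1:]):
            d = nxt - prev
            if d in (1, -1) and (step is None or d == step):
                step = d
                cur += 1
            else:
                # Run broken: start a new run if this pair is itself a step.
                step = d if d in (1, -1) else None
                cur = 2 if step else 1
            best = max(best, cur)
        if best >= min_run:
            flagged[sess] = best
    return flagged


if __name__ == "__main__":
    for sess, run in find_enumeration(parse(SAMPLE_LOG)).items():
        print(f"{sess}: read {run} consecutive object IDs")
```

The `min_run` threshold is a tuning choice: a reviewer who legitimately opens two adjacent records should not trip an alert, so in practice this signal is combined with request volume and the share of non-200 responses before it is escalated.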
[4]
McDonald's Idiotic AI Hiring System Just Leaked Personal Data About Millions of Job Applicants
As large language models (LLMs) become ever more integrated into the platforms that define daily life, major flaws in the software's security capabilities are starting to show. McDonald's is among the growing list of companies that have quickly shoehorned LLM chatbots into their hiring systems, consequences be damned. Its Paradox.ai-built chatbot, which McDonald's calls a "virtual recruiting assistant," goes by the name Olivia. Olivia is more than happy to help applicants find jobs near them through a fake-live chat, complete with a photo of a human worker to make the whole thing that much more uncanny. As a chatbot, Olivia's not that remarkable. It ushers job seekers through a maze of incomprehensible personality tests and screening questions, complete with the infuriating hallucinations one can expect to run into with an LLM. However, to a hacker who knows how to crack LLMs, Olivia is a treasure trove waiting to be uncovered. As first reported by Wired, Olivia had some astonishing security defects hiding just beneath its faux-human skin. With the right knowledge, a hacker could access the chatlogs of 64 million McDonald's applicants, including personal details, such as full names, email addresses, phone numbers, addresses, work availability, and raw chat data. Olivia's jaw-dropping weakness was discovered by cybersecurity researchers Ian Carroll and Sam Curry, who were able to break into the backend of the Paradox.ai LLM using the username and password "123456." From there, the white hat hackers were able to access the AI company's "test restaurant," giving them a glimpse at how the whole thing worked. "It turned out we had become the administrator of a test restaurant inside the McHire system," Carroll wrote on his blog. Since they were still confined to Paradox.ai's testing software, the pair decided to apply for one of the trial postings to study the process. 
By diving into the code behind the application, they quickly found a parameter indicating their application number, 64,185,742. When they tried to follow the application directly below theirs, they came face to face with another job seeker's personal info, unmasked for the whole world to see. "We quickly realized this [system] allows us to access every chat interaction that has ever applied for a job at McDonald's," Carroll wrote. "We immediately began disclosure of this issue once we realized the potential impact," wrote Carroll. "Unfortunately, no disclosure contacts were publicly available and we had to resort to emailing random people." "The Paradox.ai security page just says that we do not have to worry about security!" he added. The internal vulnerability has since been patched by Paradox, and the admin password is no longer 123456. Still, it's a crystal clear demonstration of how irresponsible some early LLM adoption has been.
[5]
McDonald's in hot water after AI tool with laughably weak password '123456' gets hacked, data of 64M job seekers exposed
McDonald's is facing major scrutiny after a shocking security lapse exposed sensitive data from as many as 64 million job seekers, all because of a default admin password that was as weak as it gets: "123456," as per a report. The breach was discovered in late June by security researchers Ian Carroll and Sam Curry during a review of McHire, McDonald's AI-driven hiring platform, as per the CSO Online report. The tool, which uses an automated chatbot named Olivia to screen and engage applicants, had a hidden flaw that made it easy for anyone to access applicants' chat histories with the bot, according to the report. According to Carroll, the team noticed a login option labeled "Paradox team members" on McHire's admin interface, which led them to try using the default username and password combination "123456," and they were immediately logged in, not only to a test environment but also to real administrative dashboards containing live data, as reported by CSO online. Carroll said, "Although the app tries to force single sign-on (SSO) for McDonald's, there is a smaller link for 'Paradox team members' that caught our eye," as quoted in the report. Carroll revealed that, "Without much thought, we entered '123456' as the password and were surprised to see we were immediately logged in!," as quoted in the report. Once they got inside, they found something even more troubling: that an internal API endpoint allowed access to fetch applicant data by using a predictable parameter, according to the report. This insecure direct object reference, or IDOR, meant they could view personal data of the applicant, chat transcripts with Olivia, names, email addresses, phone numbers, job application details, and even tokens that could let someone impersonate a candidate, as reported by CSO Online. 
The issue was discovered after Reddit users began complaining that Olivia was giving strange or nonsensical responses, which led the researchers to take a closer look, according to the report. However, the issue of Olivia was immediately resolved by McDonald's and Paradox.ai (Olivia's creator) upon disclosure, reported CSO Online. A senior manager for professional services consulting at Black Duck, Aditi Gupta, pointed out that, "The McDonald's breach confirms that even sophisticated AI systems can be compromised by elementary security oversights," and added, "The rush to deploy new technology must not compromise basic security principles. Organizations must prioritize fundamental security measures to ensure uncompromised trust in their software, especially for the increasingly regulated, AI-powered world," as quoted in the report. Desired Effect's CEO Evan Dornbush highlighted that, "This incident is a prime example of what happens when organizations deploy technology without an understanding of how it works or how it can be operated by untrusted users," adding that, "With AI systems handling millions of sensitive data points, organizations must invest in understanding and mitigating pre-emergent threats, or they'll find themselves playing catch-up, with their customers' trust on the line," as quoted by the CSO Online report. However, after the disclosure on June 30, Paradox.ai and McDonald's acknowledged the vulnerability quickly, and by July 1, default credentials were disabled and the endpoint was secured, according to the report. Paradox.ai also said that it will conduct further security audits, reported CSO Online. 
Later, a Paradox staff member wrote on its website, "We are confident that, based on our records, this test account was not accessed by any third party other than the security researchers," and emphasised that "at no point was candidate information leaked online or made publicly available. Five candidates in total had information viewed because of this incident, and it was only viewed by the security researchers. This incident impacted one organization -- no other Paradox clients were impacted," as quoted by the CSO Online report. Meanwhile, Randolph Barr, the chief information security officer at Cequence Security, warned that, "Even though there's no indication the data has been used maliciously yet, the scale and sensitivity of the exposure could fuel targeted phishing, smishing/vishing, and even social engineering campaigns," and added that, "Combined with AI tooling, attackers could craft incredibly personalized and convincing threats," as quoted by CSO Online.
What kind of data was exposed? Applicant chat logs, contact details, job application responses, shift preferences, personality test results, and impersonation tokens were accessible.
How did the researchers access the system? They used a publicly visible login labeled "Paradox team members" and guessed the default password "123456," which gave them immediate access.
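The insecure direct object reference named above, and the parameter-decrementing walk described in the TechSpot excerpt, both come down to one missing step: the endpoint looked a record up by its ID without checking that the caller was entitled to it. The following is an added example, not code from the article or from Paradox.ai, showing a lookup with that defect beside one that enforces ownership. The data model, the organization identifiers, the function names and the records are all constructed assumptions.

```python
"""IDOR: a lookup keyed only on a guessable ID, beside a hardened lookup.

Added example; the Session/Application model and all records are constructed
and do not describe any real system.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Session:
    user: str
    org_id: str  # the organization (e.g. one restaurant) this login administers


@dataclass(frozen=True)
class Application:
    app_id: int
    org_id: str
    name: str
    email: str


# Constructed records: several organizations share one sequential ID space,
# so a caller who knows its own ID can trivially guess its neighbours.
APPLICATIONS = {
    1001: Application(1001, "org-test", "Test Applicant", "test@example.invalid"),
    1002: Application(1002, "org-real", "Real Person", "real@example.invalid"),
    1003: Application(1003, "org-real", "Another Person", "another@example.invalid"),
}


class NotFound(Exception):
    """Raised for records the caller may not see, whether or not they exist."""


def get_application_vulnerable(session: Session, app_id: int) -> Application:
    """Vulnerable: being logged in at all is treated as permission to read
    any record whose ID the caller can produce (the IDOR pattern)."""
    try:
        return APPLICATIONS[app_id]
    except KeyError:
        raise NotFound(app_id)


def get_application(session: Session, app_id: int) -> Application:
    """Hardened: the record must belong to the organization the session
    administers. Missing and foreign records both raise NotFound so that
    walking the ID space does not even reveal which IDs exist."""
    app = APPLICATIONS.get(app_id)
    if app is None or app.org_id != session.org_id:
        raise NotFound(app_id)
    return app


def can_read(session: Session, app_id: int) -> bool:
    """Convenience wrapper around the hardened lookup."""
    try:
        get_application(session, app_id)
        return True
    except NotFound:
        return False


if __name__ == "__main__":
    tester = Session("tester", "org-test")
    # The vulnerable lookup hands the test-org admin a real applicant's record.
    print(get_application_vulnerable(tester, 1002).email)
    # The hardened lookup confines that admin to its own organization.
    print(can_read(tester, 1001), can_read(tester, 1002), can_read(tester, 9999))
```

The ownership check belongs in the data-access layer rather than in each route handler, so that a new endpoint cannot forget it; switching to random, non-sequential IDs makes guessing harder but is no substitute for the check itself.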
[6]
McDonald's AI hiring platform "hacked" using incredibly simple password
It's no secret that nowadays, if you're looking for a new job at a big company, chances are that your CV is going to be passed through an AI model before it gets to any human eyes. McDonald's has adopted the McHire system, using the chatbot Olivia to take personal information from applicants and point them towards personality tests and other processes. As reported by Wired, McHire isn't the most secure of hiring platforms. Logging onto an administrator account where the username and password were "123456", security researchers Ian Carroll and Sam Curry found some obvious flaws in the system, which could have allowed bad actors to access the personal information of every chat Olivia had with McDonald's applicants. "I just thought [McHire] was pretty uniquely dystopian compared to a normal hiring process, right? And that's what made me want to look into it more," Carroll explained. "So I started applying for a job, and then after 30 minutes, we had full access to virtually every application that's ever been made to McDonald's going back years." It's worth noting that no applicant data has been hacked or leaked, thanks to the discovery of this major flaw in the system, but it shows that despite a lot of faith being placed in the old AI, perhaps it's not quite ready to handle big responsibilities just yet.
Security researchers discovered critical vulnerabilities in McDonald's AI-powered hiring system, potentially exposing personal data of up to 64 million job applicants due to weak password protection and API flaws.
In a shocking revelation, security researchers Ian Carroll and Sam Curry uncovered critical vulnerabilities in McDonald's AI-powered hiring system, potentially exposing the personal data of up to 64 million job applicants [1]. The AI chatbot, named Olivia and developed by Paradox.ai, was found to have alarmingly weak security measures, including a default admin password set to "123456" [2].
During a routine security review, Carroll and Curry discovered they could easily access the backend of the McHire.com platform, which many McDonald's franchisees use for job applications [2]. The researchers found that:
The security lapse potentially affected millions of McDonald's job applicants, with researchers estimating access to as many as 64 million records [2][4]. This incident raises serious concerns about data protection and privacy in AI-driven hiring processes.
Upon discovery, the researchers faced challenges in reporting the vulnerability due to a lack of proper security disclosure contacts at Paradox.ai [3]. However, once notified:
This incident highlights the potential risks associated with rapidly integrating AI technologies into hiring processes without adequate security measures [4]. Experts warn that such vulnerabilities could lead to targeted phishing attacks or social engineering campaigns [5].
In response to the breach, Paradox.ai announced plans to:
McDonald's expressed disappointment with the third-party provider and emphasized its commitment to cybersecurity [2].
This incident serves as a stark reminder of the importance of robust security measures in AI-driven systems, especially those handling sensitive personal information. As AI continues to play an increasingly significant role in various industries, companies must prioritize security to maintain user trust and protect valuable data.