Data Leak Exposes Information of 64 Million Job Seekers from McDonald’s AI Hiring Tool, McHire

A significant security vulnerability in McDonald’s AI-driven hiring platform, McHire, has compromised the personal data of over 64 million job applicants. This incident, driven by an Insecure Direct Object Reference (IDOR) flaw and weak default credentials, has prompted swift corrective measures by Paradox.ai.

The breach involved McHire, a recruitment solution widely used by McDonald’s franchisees. The vulnerability was uncovered by security researchers Ian Carroll and Sam Curry, who identified unauthorized access to sensitive personal data, including names, email addresses, phone numbers, and home addresses of applicants.

The investigation was triggered by user reports on Reddit, highlighting issues with the McHire chatbot named Olivia, developed by Paradox.ai. Upon analysis, the researchers discovered two significant weaknesses. First, the administrative login accepted easily guessable default credentials, specifically “123456” for both username and password, which gave anyone who tried them administrator access to a test restaurant account.

Source: Reddit

The more serious vulnerability involved an IDOR in an internal API, where altering a numerical value in a web address (specifically, a lead_id associated with applicant chats) allowed anyone with a McHire account to access confidential information from other applicants’ chat sessions.

This access included unmasked contact information and authentication tokens, potentially enabling unauthorized users to log in as the applicants themselves to view their raw chat messages. The researchers disclosed their findings in a blog post, indicating the vast extent of the data that could have been exposed.
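The two preceding paragraphs describe the core defect: an API that returns an applicant record, contact details and authentication token included, keyed only on a client-supplied lead_id, so any authenticated account can walk the id space. The block below is an added illustration written for this article; it is not Paradox.ai's or McHire's code. It puts the insecure lookup beside a hardened one that enforces object-level authorization and never returns the chat token, and adds a small access-log detector for the enumeration pattern such a flaw invites. Every name in it (Lead, LEADS, lookup_lead_*, flag_enumeration, the /api/lead path and the log lines) is a constructed assumption, not a McHire identifier.

```python
"""Added example, not McHire/Paradox.ai code: object-level authorization on a
lead lookup, plus an enumeration detector over constructed access-log lines.
All identifiers here (Lead, LEADS, lookup_lead_*, /api/lead, account ids) are
assumptions made for illustration."""
from collections import defaultdict
from dataclasses import dataclass
import re


@dataclass(frozen=True)
class Lead:
    lead_id: int
    restaurant_id: int   # franchise account that owns this applicant record
    name: str
    email: str
    phone: str
    chat_token: str      # assumed: a token that lets its holder read the applicant's chat


# Constructed sample data: two restaurant accounts, three applicants.
LEADS = {
    1001: Lead(1001, 1, "Alice Example", "alice@example.test", "+15550000001", "tok-a"),
    1002: Lead(1002, 2, "Bob Example",   "bob@example.test",   "+15550000002", "tok-b"),
    1003: Lead(1003, 1, "Cara Example",  "cara@example.test",  "+15550000003", "tok-c"),
}


class Forbidden(Exception):
    """Raised when the caller may not see the requested lead."""


def lookup_lead_vulnerable(session_restaurant_id: int, lead_id: int) -> dict:
    """IDOR pattern: the record is selected purely by the client-supplied id.
    The caller's own restaurant id is never consulted, so any logged-in
    account can read any applicant, authentication token included."""
    lead = LEADS[lead_id]
    return {"name": lead.name, "email": lead.email,
            "phone": lead.phone, "chat_token": lead.chat_token}


def mask_email(email: str) -> str:
    local, _, domain = email.partition("@")
    return (local[0] + "***@" + domain) if local else email


def mask_phone(phone: str) -> str:
    return "*" * (len(phone) - 4) + phone[-4:]


def lookup_lead_hardened(session_restaurant_id: int, lead_id: int) -> dict:
    """Object-level check: the lead must belong to the caller's restaurant.
    Unknown ids and foreign ids raise the same error, so the endpoint does
    not reveal which ids exist. The chat token never leaves the server and
    contact fields are masked for the hiring-manager view."""
    lead = LEADS.get(lead_id)
    if lead is None or lead.restaurant_id != session_restaurant_id:
        raise Forbidden(f"lead {lead_id} not accessible")
    return {"name": lead.name, "email": mask_email(lead.email),
            "phone": mask_phone(lead.phone)}


def can_access(session_restaurant_id: int, lead_id: int) -> bool:
    """Convenience wrapper returning the authorization decision as a bool."""
    try:
        lookup_lead_hardened(session_restaurant_id, lead_id)
        return True
    except Forbidden:
        return False


# --- detection side ----------------------------------------------------------
# Constructed access-log lines, shaped like a generic API gateway log.
SAMPLE_LOG = """\
2025-06-30T10:00:01Z account=1 GET /api/lead/1001 200
2025-06-30T10:00:02Z account=1 GET /api/lead/1003 200
2025-06-30T10:05:00Z account=7 GET /api/lead/1001 200
2025-06-30T10:05:01Z account=7 GET /api/lead/1002 200
2025-06-30T10:05:02Z account=7 GET /api/lead/1003 200
2025-06-30T10:05:03Z account=7 GET /api/lead/1004 404
2025-06-30T10:05:04Z account=7 GET /api/lead/1005 200
"""
LOG_RE = re.compile(r"account=(\d+) GET /api/lead/(\d+) (\d{3})")


def flag_enumeration(log_text: str, max_distinct: int = 10,
                     min_sequential_run: int = 3) -> dict:
    """Return {account: reason} for accounts that read more distinct lead ids
    than max_distinct, or that touch a consecutive run of ids; both are
    signs of someone incrementing the id rather than navigating the UI."""
    seen = defaultdict(list)
    for m in LOG_RE.finditer(log_text):
        seen[int(m.group(1))].append(int(m.group(2)))
    flagged = {}
    for account, ids in seen.items():
        distinct = sorted(set(ids))
        if len(distinct) > max_distinct:
            flagged[account] = f"{len(distinct)} distinct lead ids"
            continue
        run = 1
        for a, b in zip(distinct, distinct[1:]):
            run = run + 1 if b == a + 1 else 1
            if run >= min_sequential_run:
                flagged[account] = f"sequential run of {run} lead ids"
                break
    return flagged
```

The hardened lookup keys authorization on the session's restaurant id rather than on the id in the URL, which is the fix for any IDOR of this shape; returning the same Forbidden for missing and foreign ids keeps the endpoint from doubling as an existence oracle. The detector is deliberately simple: in production the same logic would run over a sliding time window and feed an alert, and the thresholds would be tuned to the normal number of applicants a single hiring manager reviews.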

Source: Ian Carroll

The McHire platform operates at https://jobs.mchire.com/, guiding applicants through an automated recruitment process that includes a personality test. Researchers discovered the vulnerability while monitoring a test application from the perspective of a restaurant owner, observing how easily candidate data could be retrieved through the flawed API.

Upon realizing the significant scale of the breach, the researchers acted promptly by notifying Paradox.ai and McDonald’s on June 30, 2025. McDonald’s responded quickly, and by the same evening, the default administrative access was eliminated. Paradox.ai confirmed that all security issues were fully addressed by July 1, 2025.

This incident underscores the necessity for robust cybersecurity measures, particularly when integrating AI into customer-facing services. Kobi Nissan, Co-Founder and CEO of MineOS, noted that while the AI itself wasn’t the issue, the absence of fundamental security protocols and governance contributed to the vulnerability. He emphasized that any AI system managing personal data must conform to stringent privacy and security standards similar to core business systems.

The potential tactics and techniques involved in this breach can be referenced within the MITRE ATT&CK framework, particularly regarding initial access and privilege escalation through weak credentials and direct object reference vulnerabilities. As organizations increasingly deploy AI, they need to consider it as a regulated asset, implementing comprehensive frameworks to ensure accountability and security from the outset.
