Search
A critical security flaw has been identified in McHire, McDonald's widely-utilized AI recruitment platform, potentially compromising the personal data of over 64 million job applicants. Developed by Paradox.ai, McHire incorporates an AI chatbot named Olivia, tasked with gathering sensitive information from job seekers, such as names, phone numbers, email addresses, and physical addresses. Security researcher Ian Carroll highlights that the vulnerability arises from insecure direct object references and the use of weak default credentials, particularly the password '123456', which facilitates unauthorized access to these data. In response, Paradox.ai swiftly addressed the vulnerability, and McDonald's has mandated immediate rectification efforts alongside the implementation of enhanced data security measures.
-
C114 Communication Network -
Communication Home
