Ai Chatbot’s Simple ‘123456’ Password Risked Exposing Personal Data Of Millions Of Mcdonald’s Job Applicants

In Brief

Security researchers recovered that they could entree nan individual accusation of 64 cardinal group who had applied for a occupation astatine McDonald’s, successful ample portion by logging into nan company’s AI occupation hiring chatbot pinch nan username and password “123456.”

Ian Carroll and Sam Curry wrote successful a blog post that “during a cursory information reappraisal of a fewer hours,” they recovered nan password rumor and different simple information vulnerability successful an soul API, which allowed entree to occupation applicants’ past conversations pinch nan chatbot, called McHire, supplied to McDonald’s by Paradox.ai. 

The individual information seen by nan researchers included applicants’ names, email addresses, location addresses, and telephone numbers.

Paradox.ai wrote successful a blog post that it resolved nan issues “within a fewer hours” aft nan researchers’ report, and that “at nary constituent was campaigner accusation leaked online aliases made publically available.”

The researchers’ findings were first reported by Wired.

Subscribe for nan industry’s biggest tech news