McDonald's AI hiring platform found to be vulnerable, risking 64 million job applications
Take action: Make sure to authenticate and authorize every single request to your APIs. And don't use integer auto-incrementing IDs for users; they are too easy to guess. Naturally, NEVER use trivial credentials for test systems.
Learn More
McDonald's hiring platform is reported to have had a flaw that exposed applicant data stored in the system, detectable through the McHire Olivia chatbot. Separately, but related, the system had a set of trivial credentials granting access to the backend systems of the hiring platform.
The flaws, which together enabled theft of applicant data, were discovered by security researchers Ian Carroll and Sam Curry.
The hiring platform is developed by third-party vendor Paradox.ai, and is used by approximately 90% of McDonald's franchisees for recruiting new employees.
Vulnerabilities summary
- The software vulnerability was an insecure direct object reference (IDOR) flaw in an internal API endpoint, /api/lead/cem-xhr. Requests to that endpoint carried a parameter lead_id, which for the researchers was the integer value 64,185,742. By simply changing the lead_id value to other, lower numbers, they were able to retrieve other candidates' data. Essentially, any person in an application process could issue requests to /api/lead/cem-xhr and read records that were not their own.
- The exposed data included:
  - Names
  - Email addresses
  - Phone numbers
  - Home addresses
  - Candidacy states and application status
  - Shift availability preferences and scheduling data
  - Form inputs and responses submitted during the application process
  - Authentication tokens that could be used to impersonate applicants
  - Personality test results from the mandatory assessments
- This flaw potentially exposed up to 64 million job applicants who had applied for positions at McDonald's franchises using the McHire platform over multiple years.
- Another problem was extremely weak default credentials on the McHire administration interface, where restaurant owners were supposed to log in to view applicants. The researchers gained administrator access by simply guessing the username and password combination "123456:123456" on their second attempt. This provided them access to a test restaurant account within the McHire system that was populated with Paradox.ai employees as test data.
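As an added illustration of the IDOR pattern described above (this is not code from the page, from Paradox.ai or from the researchers; all names are hypothetical), here is a minimal in-memory model of a lead lookup: one handler that trusts the supplied lead_id as-is, beside one that authenticates the caller, checks that the record belongs to them, and issues opaque identifiers instead of sequential integers.

```python
import secrets
from dataclasses import dataclass, field

# Constructed stand-in for the applicant ("lead") records behind an
# endpoint such as /api/lead/cem-xhr. Class and field names are hypothetical.

@dataclass
class Lead:
    lead_id: str
    applicant: str                  # account that owns this record
    data: dict = field(default_factory=dict)

class Session:
    """The caller's authenticated identity; applicant=None means anonymous."""
    def __init__(self, applicant=None):
        self.applicant = applicant

class LeadStore:
    def __init__(self):
        self._leads = {}
        self._next_int = 64_185_740  # constructed value mimicking a sequential scheme

    def new_lead_id(self):
        # Opaque, unguessable identifier in place of an auto-incrementing
        # integer, so neighbouring records cannot be enumerated by counting.
        return secrets.token_urlsafe(16)

    def add(self, applicant, data, sequential=False):
        if sequential:                      # the weak scheme, kept for comparison
            self._next_int += 1
            lead_id = str(self._next_int)
        else:
            lead_id = self.new_lead_id()
        self._leads[lead_id] = Lead(lead_id, applicant, data)
        return lead_id

    def get_lead_vulnerable(self, session, lead_id):
        # IDOR: the record is fetched by the supplied ID alone; nothing checks
        # who is asking or whether the record belongs to them.
        return self._leads.get(lead_id)

    def get_lead_secure(self, session, lead_id):
        # Authenticate: anonymous callers get nothing.
        if session is None or session.applicant is None:
            raise PermissionError("authentication required")
        lead = self._leads.get(lead_id)
        # Authorize: the record must belong to the authenticated applicant.
        # "Missing" and "not yours" give the same answer, so the endpoint does
        # not confirm which IDs exist.
        if lead is None or lead.applicant != session.applicant:
            raise PermissionError("not found or not authorized")
        return lead
```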
After discovering the issues, the researchers began responsible disclosure procedures, contacting both Paradox.ai and McDonald's on the same day.
- The response was immediate. McDonald's confirmed receipt of the disclosure within 40 minutes and requested additional technical details.
- Paradox.ai revoked the compromised credentials within approximately two hours of the initial disclosure, and by the following day confirmed that all identified issues had been resolved. The company acknowledged the severity of the breach in a subsequent blog post, taking full responsibility for the security failures and announcing plans to implement a bug bounty program for future security research.
Paradox.ai emphasized in their official response that the legacy test account with the weak password had not been accessed since 2019 and should have been decommissioned. The company claims that only the security researchers had accessed the vulnerable system, with no evidence of malicious third-party exploitation.
McDonald's issued a statement expressing disappointment with their third-party provider and reaffirming their commitment to cybersecurity standards for vendors.