When security researchers Ian Carroll and Sam Curry began poking around the systems behind McDonald’s AI hiring chatbot, they didn’t expect the security of the entire gateway to hinge upon one of the world’s most infamous passwords “123456,” but that’s exactly what they found.
In a case that raises serious questions about AI adoption and vendor oversight, Carroll and Curry uncovered a gaping security hole in Olivia, the AI chatbot McDonald’s and other major brands use to streamline job application processes. Built by HR tech firm Paradox.ai, the system exposed an estimated 64 million chat logs containing sensitive applicant data — all through a poorly secured admin panel protected by a laughably weak password.
“So I started applying for a job,” Carroll told WIRED, “and then after 30 minutes, we had full access to virtually every application that’s ever been made to McDonald’s going back years.”
AI on the front lines of hiring
Olivia has been marketed as an intelligent assistant that helps companies screen, schedule, and communicate with job seekers. It operates through text-based interfaces and promises to improve efficiency while providing a friendly face to applicants, according to its developer.
For a company like McDonald’s — which regularly recruits thousands of hourly workers — Olivia handles a significant part of the hiring pipeline. Applicants often never interact with a human until the final stages of the process.
That trend isn’t unique to McDonald’s. Many large employers now rely on AI to conduct initial job interviews and filter candidates based on automated screening tools, as reported in eWeek. Entire ecosystems of AI-driven recruitment platforms now optimize candidate matching, résumé parsing, and interview scheduling — but, as Carroll and Curry demonstrated, the convenience of automation comes with a steep privacy risk.
According to reports from Cybersecurity News and The Verge, the pair discovered they could access the chatbot’s backend simply by entering the admin panel and trying the most obvious credentials. Once in, they had access to troves of data that included names, emails, phone numbers, and job histories of millions of applicants. In some cases, job seekers had even uploaded résumé information and other sensitive details.
How did this happen?
Paradox.ai acknowledged the breach and confirmed that only the two researchers had accessed the data. Still, the fact that such a vulnerability existed in a production environment used by multinational corporations stunned many in the cybersecurity world. What’s worse, the breach wasn’t the result of some zero-day exploit or nation-state cyberattack, but the kind of mistake even a middle school student is taught to avoid.
After Carroll and Curry notified Paradox.ai, the company reportedly locked down the system and launched a bug bounty program to prevent future issues. In a statement, Paradox.ai thanked the researchers and said it did not believe the vulnerability had been maliciously exploited.
McDonald’s responds… and distances itself
For its part, McDonald’s highlighted that the Olivia platform is operated by a third-party vendor. In a statement provided to The Daily Beast, the “deeply concerned” fast food giant said it was working with Paradox.ai to investigate the issue and improve protections. The company also clarified that it does not directly manage the AI software’s infrastructure, and that any compromise stemmed from vendor failings.
“We do not take this matter lightly, even though it was resolved swiftly and effectively,” Paradox.ai Chief Legal Officer Stephanie King told WIRED. “We own this.”
Critics say McDonald’s and other companies using AI for HR functions must take more ownership of their digital supply chains. Entrusting millions of job seekers’ personal data to an external system without verifying its security hygiene is a serious lapse in accountability.
Trusting AI with human data
This isn’t the first time Olivia has drawn criticism. The Daily Dot reported that job seekers have expressed frustration over Olivia’s often clunky or repetitive responses during application processes. Some said the bot “looped them in circles,” making it harder to complete job applications than if they’d spoken to a person. The breach adds a new layer of concern about the chatbot’s usability and security, highlighting the risk of putting sensitive human data in the hands of software platforms.
These risks aren’t limited to hiring chatbots. Platforms like LinkedIn and other job application aggregators are also leaning into AI-powered workflows, raising questions about data use, ownership, and security. As reported in TechRepublic, AI in recruitment is rapidly transforming how organizations attract and evaluate talent — and not always in predictable or transparent ways. From embedded bias to opaque decision-making, the growing reliance on automation has far-reaching consequences.
What comes next?
Paradox.ai’s launch of a bug bounty program is a step in the right direction, but the incident has already prompted wider scrutiny of AI vendors and the companies that use them. In the race to automate hiring and improve efficiency, basic cybersecurity practices like strong authentication, audit logs, and proper encryption cannot be overlooked.
The McDonald’s breach may not result in massive fines or lawsuits, but it has tarnished trust in the company’s digital hiring process. For job seekers, it’s a reminder that even the first steps of a job application can come with real risks.
And for everyone else? Change your passwords.
