McDonald's hiring bot breached, exposes 60 million applicants
McDonald's job application portal, which uses an AI chatbot called Olivia, was hit by a major data breach.
Security researchers Ian Carroll and Sam Curry found they could access the system with the default password "123456," exposing personal info—like names, emails, phone numbers, and chat histories—of about 64 million applicants.
McDonald's, Paradox.ai contacted
The researchers quietly reported the issue to Paradox.ai (the company behind the chatbot) and McDonald's.
Paradox.ai admitted a forgotten test account was to blame and quickly fixed it.
Both companies say no one else got in, but they've now tightened security.
The whole thing is a reminder that even big brands need to take online safety seriously—especially when it comes to sensitive info in AI-powered hiring tools.