McDonald’s Chatbot Leak Exposed 64 Million Job Applications

Security researchers Ian Carroll and Sam Curry have uncovered critical vulnerabilities in McDonald’s chatbot-based recruitment platform, McHire, which exposed the personal information of more than 64 million job applicants. 

The platform, built by Paradox.ai, allows prospective employees to interact with a chatbot during the hiring process. However, Paradox.ai failed to remove default login credentials for a test account and did not properly secure an API, which made it possible to access the chat records of all users. 

Carroll explained that McHire enables McDonald’s restaurant owners to access job applications via a Single Sign-On (SSO) system. Despite this, a separate sign-in portal intended for Paradox staff allowed access to a test user account using the username ‘123456’ and the password ‘123456’. 

“We realized we had gained administrator access to a test restaurant within the McHire system,” Carroll said. “We could see that all listed employees of this restaurant were actually staff from Paradox.ai, the company that operates McHire.” 

From this access point, the researchers were able to view ongoing conversations between applicants and the chatbot, and even had the capability to interact with the interview process at certain points. 

Further investigation of the platform’s API revealed a serious Insecure Direct Object Reference (IDOR) vulnerability. The API used a visible ID number to fetch candidate data, which turned out to correspond directly to the applicant’s order in the database. In one case, the ID assigned to Carroll’s application was 64,185,742. 

“When we decreased the number by one, we immediately accessed another applicant’s personal information, which included unmasked contact details,” Carroll said. 

The exposed data included applicants’ full names, home addresses, phone numbers, email addresses, application status, and authentication tokens. These tokens could be used to log in as the applicant and view their entire chat history. 
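
The IDOR pattern described above, shown next to a hardened lookup, as an added illustration that is not code from McHire or Paradox.ai. The candidate records, restaurant IDs and the `Principal` type are constructed for the example; the hardened version replaces the enumerable row ordinal with an opaque identifier, checks that the caller is the applicant or an owner of the restaurant the application belongs to, and never returns session tokens in a data read.

```python
import uuid
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class Candidate:
    row_id: int                 # sequential database ordinal: enumerable
    restaurant_id: str
    email: str
    phone: str
    session_token: str          # credential that must never leave the server
    public_id: str = field(default_factory=lambda: uuid.uuid4().hex)

# Constructed sample data (hypothetical): two applicants at two restaurants.
CANDIDATES = {
    64185741: Candidate(64185741, "rest-A", "alice@example.com", "555-0101", "tokA"),
    64185742: Candidate(64185742, "rest-B", "bob@example.com", "555-0102", "tokB"),
}
PUBLIC_INDEX = {c.public_id: c for c in CANDIDATES.values()}

@dataclass
class Principal:
    applicant_email: Optional[str] = None            # set for an applicant session
    owned_restaurants: frozenset = frozenset()       # set for a restaurant owner

def fetch_candidate_vulnerable(row_id: int) -> dict:
    """Anti-pattern: the ID alone selects the row; caller identity is never checked."""
    c = CANDIDATES[row_id]
    return {"email": c.email, "phone": c.phone, "token": c.session_token}

def fetch_candidate(principal: Principal, public_id: str) -> dict:
    """Hardened: opaque ID plus an explicit ownership check on every read."""
    c = PUBLIC_INDEX.get(public_id)
    if c is None:
        raise PermissionError("not found")      # same answer for missing and forbidden
    is_owner = c.restaurant_id in principal.owned_restaurants
    is_self = principal.applicant_email == c.email
    if not (is_owner or is_self):
        raise PermissionError("not found")
    return {"email": c.email, "phone": c.phone}  # no credentials in the response

def is_denied(principal: Principal, public_id: str) -> bool:
    """Helper for checks: True when the hardened lookup refuses the request."""
    try:
        fetch_candidate(principal, public_id)
    except PermissionError:
        return True
    return False
```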

Carroll and Curry reported their findings to Paradox.ai and McDonald’s on June 30. The default login credentials were disabled the same day, and both security flaws were confirmed resolved by July 1. 

Carroll noted that once their concerns reached the right contacts, the Paradox.ai team responded swiftly. “They made it clear that protecting candidate and client data is a top priority. The team acted quickly to fix the issue and committed to performing further security reviews to close any other potential vulnerabilities.” 
