McDonald’s job app exposes data of 64 Million applicants

Vulnerabilities in McDonald’s McHire chatbot exposed data from 64 million job applicants due to insecure internal APIs.

Security researchers Ian Carroll and Sam Curry discovered multiple vulnerabilities in the McDonald’s chatbot recruitment platform McHire that exposed the personal information of over 64 million job applicants.

The security duo found that McDonald’s hiring bot, built by Paradox.ai, had major flaws, including a test account with both username and password set to “123456” and an insecure API. This let them access private chats between job seekers and the bot. They even gained admin access to a test “restaurant,” seeing internal staff data and ongoing interviews. Together, the default credentials and the insecure API exposed sensitive information from millions of applicants.

“During a cursory security review of a few hours, we identified two serious issues: the McHire administration interface for restaurant owners accepted the default credentials 123456:123456, and an insecure direct object reference (IDOR) on an internal API allowed us to access any contacts and chats we wanted.” reads the report published by the experts. “Together they allowed us and anyone else with a McHire account and access to any inbox to retrieve the personal data of more than 64 million applicants.”

Researchers tested McDonald’s McHire job app by applying for a job, interacting with its chatbot “Olivia,” and taking a personality test powered by Traitify. The process stalled pending human review. Curious, they explored the login page for McHire admins and found a “Paradox team members” option. Using the default credentials “123456” / “123456,” they unexpectedly gained admin access to a test restaurant account. This revealed how the system worked and exposed internal employee data from Paradox.ai, though they had not yet proven deeper data security risks at that point.

“We noticed that restaurant owners can login to view applicants at https://www.mchire.com/signin. Although the app tries to force SSO for McDonald’s, there is a smaller link for ‘Paradox team members’ that caught our eye.” continues the report. “Without much thought, we entered ‘123456’ as the username and ‘123456’ as the password and were surprised to see we were immediately logged in!”

McDonald’s chatbot bug

While analyzing a test job post on McDonald’s McHire system, researchers viewed their application from the restaurant’s side and found a hidden API that let them access chat data. By slightly changing a number in the request (the lead_id), they were suddenly seeing personal info, like names, emails, phone numbers, and job details, from real McDonald’s applicants.

“We quickly realized this API allows us to access every chat interaction that has ever applied for a job at McDonald’s.” states the report.

Even more concerning, they could access chat histories and even auth tokens that would allow them to impersonate applicants. They realized the scale of the exposure: potentially every job application ever submitted. The duo alerted Paradox.ai, which quickly fixed the issue and announced security enhancements.
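The IDOR described above comes down to an API that trusts a client-supplied `lead_id` without checking who owns the record. The following is an added illustration, not Paradox.ai’s or McHire’s code: a minimal lead lookup in its vulnerable form beside a hardened form that scopes every read to the caller’s restaurant, plus a small detector that flags sequential ID enumeration in access logs. The lead store, the `restaurant_id` session field, the `/api/leads/<id>` path and the log lines are all constructed for the example.

```python
"""Object-level authorization for a lead lookup, plus a log-based detector
for sequential ID enumeration.  Added example; the data model, session
field, URL path and log format below are constructed, not McHire's."""
import re
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, Iterable


@dataclass(frozen=True)
class Lead:
    lead_id: int
    restaurant_id: str  # tenant the applicant applied to (constructed field)
    name: str
    email: str


# Constructed sample data: three applicants across two restaurants.
LEADS: Dict[int, Lead] = {
    1001: Lead(1001, "rest-A", "Applicant One", "one@example.invalid"),
    1002: Lead(1002, "rest-A", "Applicant Two", "two@example.invalid"),
    1003: Lead(1003, "rest-B", "Applicant Three", "three@example.invalid"),
}


class NotFound(Exception):
    """Raised for both 'no such record' and 'not your record'."""


def get_lead_insecure(lead_id: int) -> Lead:
    """IDOR pattern: the id from the request is the only input, so any
    authenticated caller can read any tenant's applicant."""
    return LEADS[lead_id]


def is_authorized(session_restaurant_id: str, lead: Lead) -> bool:
    """Object-level check: the record must belong to the caller's tenant."""
    return lead.restaurant_id == session_restaurant_id


def get_lead_scoped(session_restaurant_id: str, lead_id: int) -> Lead:
    """Hardened lookup.  The tenant comes from the server-side session, never
    from the request, and missing vs. foreign records get the same error so
    the id space cannot be probed for existence."""
    lead = LEADS.get(lead_id)
    if lead is None or not is_authorized(session_restaurant_id, lead):
        raise NotFound(f"lead {lead_id} not found")
    return lead


# Constructed access-log format: "<ts> user=<u> GET /api/leads/<id> <status>"
LOG_RE = re.compile(
    r"^(?P<ts>\S+) user=(?P<user>\S+) GET /api/leads/(?P<lead_id>\d+) (?P<status>\d{3})$"
)


def detect_enumeration(log_lines: Iterable[str], min_ids: int = 5,
                       max_gap: int = 1) -> Dict[str, int]:
    """Flag users whose requested lead_ids form a run of adjacent integers.
    Returns {user: length_of_longest_run} for runs of at least min_ids."""
    ids_by_user = defaultdict(set)
    for line in log_lines:
        m = LOG_RE.match(line)
        if m:
            ids_by_user[m["user"]].add(int(m["lead_id"]))

    flagged: Dict[str, int] = {}
    for user, ids in ids_by_user.items():
        longest = run = 1
        prev = None
        for lead_id in sorted(ids):
            run = run + 1 if prev is not None and lead_id - prev <= max_gap else 1
            longest = max(longest, run)
            prev = lead_id
        if longest >= min_ids:
            flagged[user] = longest
    return flagged


# Constructed log sample: a normal owner reading its own two leads, and one
# account walking consecutive ids (some returning 404).
SAMPLE_LOG = [
    "2025-06-30T17:10:01Z user=owner-A GET /api/leads/1001 200",
    "2025-06-30T17:10:09Z user=owner-A GET /api/leads/1002 200",
    "2025-06-30T17:12:00Z user=probe GET /api/leads/1001 200",
    "2025-06-30T17:12:01Z user=probe GET /api/leads/1002 200",
    "2025-06-30T17:12:02Z user=probe GET /api/leads/1003 200",
    "2025-06-30T17:12:03Z user=probe GET /api/leads/1004 404",
    "2025-06-30T17:12:04Z user=probe GET /api/leads/1005 404",
    "2025-06-30T17:12:05Z user=probe GET /api/leads/1006 404",
]

if __name__ == "__main__":
    print("insecure cross-tenant read:", get_lead_insecure(1003).restaurant_id)
    print("scoped read of own lead:", get_lead_scoped("rest-A", 1001).name)
    print("enumeration flagged:", detect_enumeration(SAMPLE_LOG))
```

The tenant check belongs in the data-access layer rather than in each handler, so a new endpoint cannot forget it; the enumeration detector is a coarse first-pass signal and would be paired with rate limits and per-tenant volume baselines in practice.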

Below is the disclosure timeline:

  • 06/30/2025 5:46PM ET: Disclosed to Paradox.ai and McDonald’s
  • 06/30/2025 6:24PM ET: McDonald’s confirms receipt and requests technical details
  • 06/30/2025 7:31PM ET: Credentials are no longer usable to access the app
  • 07/01/2025 9:44PM ET: Followed up on status
  • 07/01/2025 10:18PM ET: Paradox.ai confirms the issues have been resolved


Pierluigi Paganini

(SecurityAffairs – hacking, privacy)