McDonald’s has outsourced the early stages of its hiring process to an AI-powered chatbot—an approach that, according to security researchers, appears to lack basic safeguards.
Researchers discovered they could access sensitive applicant data by simply guessing a username and using the weak password “12345.” This exploit potentially exposed the personal information of up to 64 million job applicants.
As reported by Wired, roughly 90% of McDonald’s franchisees rely on the McHire platform to collect applicant data and administer personality assessments. However, the chatbot itself has drawn criticism for being rigid and unhelpful, unable to respond to queries that fall outside its pre-programmed script—an all-too-common flaw in many chatbot systems.
Still, revealing sensitive data from millions of applicants should never be part of the experience.
To probe the system’s security, the researchers first submitted a fake job application, allowing them to examine the administrative interface used by restaurant managers. They attempted prompt injection, in which attackers manipulate AI by embedding hidden instructions in user input, but this method failed when the process reached the point where a human interviewer typically takes over.
Shifting focus, the researchers then examined the backend and stumbled upon a login page for restaurant administrators. Shockingly, the system accepted a default username and password combination—123456:123456—granting them access to a test restaurant’s administrative dashboard within McHire.
Once inside, they found the application they had submitted and uncovered a vulnerability in the platform’s API. This flaw provided access to what appeared to be nearly every job application submitted to McDonald’s in recent years.
The entire process took less than 30 minutes. To confirm the validity of the data, the researchers reviewed a small sample of records and contacted a few applicants—who confirmed they had indeed applied, verifying the authenticity and scope of the exposed information.

