AI Hiring Tool Breaches Millions of Data with Password ‘123456’: McDonald’s Data Breach
“Due to the excessive use of AI Tools, we have become too dependent on AI. Recently, McDonald’s confronted significant problems via various loopholes in its AI chatbot platform for job apps.”
When it comes to difficult tasks like collecting data or recruiting new staff, AI truly makes the job easier. These days, many businesses have begun depending on AI to complete tasks. However, McDonald’s had to pay an enormous fee for the same dependability.
Sam Curry and Ian Carroll, security researchers, have found some significant flaws in McDonald’s McHire.com AI chatbot platform, which handles the company’s employment applications.
Revelation In The Research?
Research has shown that millions of job seekers’ personal information was vulnerable to hackers due to the chatbot’s inadequate security system. Researchers discovered web-based flaws in the model, such as the ability to access the system’s backend with the simple password ‘123456.’
This incident makes it abundantly evident that strict measures are needed to protect users’ confidential data from hackers.
Researchers
| Over 64 million records, including phone numbers, email addresses, and application names, may have been compromised. Although Curry and Carroll were unwilling to go far into the database, their initial examination has confirmed that the content is authentic and vulnerable to phishing attacks.
If the information ends up in the wrong hands, it could be exploited to defraud desperate applicants. |
Background Details
| Paradox.ai is in charge of running the AI hiring system. The business has previously acknowledged the breach problem and implemented the necessary fixes. In order to stop this kind of problem from endangering users, they have also declared their intention to implement a bug bounty program. |
About The Author
Suraj Koli is a content specialist in technical writing about cybersecurity & information security. He has written many amazing articles related to cybersecurity concepts, with the latest trends in cyber awareness and ethical hacking. Find out more about “Him.”
Read More:
Retired IAF Staffer Got Duped of 33 Lakhs in a Policy Scam by Cybercriminals
About Author
English