2025-07
Data Leakage
McDonald's / Paradox.ai (McHire)

McDonald's McHire AI hiring chatbot exposed up to 64M applicants via default password

What happened

Researchers logged into the admin backend of McDonald's AI hiring chatbot McHire, built by Paradox.ai, using the default credentials '123456'. An insecure direct object reference then let them enumerate applicant records by ID.

Impact

Personal data and chat transcripts of up to 64 million job applicants were exposed, though Paradox said only a handful of records were actually accessed before a same-day fix.

How this could have been prevented

Default credentials must be forbidden and IDOR-style access controls enforced, especially on AI systems handling mass volumes of applicant PII.

Sources

More data leakage incidents

Would runtime governance have caught this?

Guardion enforces policy on every agent action inline — with visibility, tamper-evident evidence, and DLP for agents and MCPs.

Request a demo