Security researchers found that they could use individual information from 64 million people who applied for a job in McDonald’s, by logging in with a large -scale company’s AI job to log in with user names and passwords “123456”.
Ian Carol and Sam Curry Written in a blog post That “during a few hours of cursory security review,” he found the password issue and another Simple safety vulnerability In an internal API, who allowed access to the previous conversation of the job applicants with a chatboat, called McHeire, contradicted to McDonald’s.
Individual data viewed by researchers included the names of the applicants, email addresses, home addresses and phone numbers.
Paradox.ai Written in a blog post It resolved the “within a few hours” issues after the reports of the researchers, and that “the candidate’s information at any point was not leaked online or made publicly available.”
Findings of researchers Previously reported by Wired,
