McDonalds’ recruitme system, designed by Paradox.ai Artificial Ielligence Company and managing Olivia’s chat robot, has been at stake in rece weeks due to low level security vulnerabilities, the personal information of millions of job applicas has been at stake.
Two cyber security researchers, Ian Carroll and Sam Kerry, were able to easily access the platform’s administrator accou by guessing the weak password “1” and accessing the McDonalds databases. The disclosed data includes the name, email and phone number of the applicas and all their conversations with the Olivia robot.
This security defect, approved by Paradox.ai as a result of the absence of old test accous, shows that a significa portion of the applicas’ records was visible. However, the company has said that other hackers have not been logged in except the two researchers, and the problem has been resolved quickly.
Experts warn that this type of information can be used by fraudsters to carry out phishing attacks or financial frauds, especially given that these data are for those looking to hire McDonalds.
McDonalds, while emphasizing the importance of cyber security, considered the complete responsibility for the third person Paradox.ai Company and announced that urge measures have been taken to fix it. Paradox.ai will also promise bug rewards programs to preve similar things.
The incide once again warns that even in artificial ielligence and automation projects, security issues should not be overlooked and that data protection should be a priority.
