As large language models (LLMs) become ever more integrated into the platforms that define daily life, major flaws in the software’s security capabilities are starting to show.
McDonald’s is among the growing list of companies that have quickly shoehorned LLM chatbots into their hiring systems, consequences be damned. Its Paradox.ai-built chatbot, which McDonald’s calls a “virtual recruiting assistant,” goes by the name Olivia.
Olivia is more than happy to help applicants find jobs near them through a fake-live chat, complete with a photo of a human worker to make the whole thing that much more uncanny.
As a chatbot, Olivia’s not that remarkable. It ushers job seekers through a maze of incomprehensible personality tests and screening questions, complete with the infuriating hallucinations one can expect to run into with an LLM.
However, to a hacker who knows how to crack LLMs, Olivia is a treasure trove waiting to be uncovered.
As first reported by Wired, Olivia had some astonishing security defects hiding just beneath its faux-human skin. With the right knowledge, a hacker could access the chatlogs of 64 million McDonald’s applicants, including personal details, such as full names, email addresses, phone numbers, addresses, work availability, and raw chat data.
Olivia’s jaw-dropping weakness was discovered by cybersecurity researchers Ian Carroll and Sam Curry, who were able to break into the backend of the Paradox.ai LLM using the username and password “123456.” From there, the white hat hackers were able to access the AI company’s “test restaurant,” giving them a glimpse at how the whole thing worked.
“It turned out we had become the administrator of a test restaurant inside the McHire system,” Carroll wrote on his blog. Since they were still confined to Paradox.ai’s testing software, the pair decided to apply for one of the trial postings to study the process.
By diving into the code behind the application, they quickly found a parameter indicating their application number, 64,185,742. When they tried to follow the application directly below theirs, they came face to face with another job seeker’s personal info, unmasked for the whole world to see.
“We quickly realized this [system] allows us to access every chat interaction that has ever applied for a job at McDonald’s,” Carroll wrote.
“We immediately began disclosure of this issue once we realized the potential impact,” wrote Carroll. “Unfortunately, no disclosure contacts were publicly available and we had to resort to emailing random people.”
“The Paradox.ai security page just says that we do not have to worry about security!” he added.
The internal vulnerability has since been patched by Paradox, and the admin password is no longer 123456. Still, it’s a crystal clear demonstration of how irresponsible some early LLM adoption has been.
More on hacking: Iranian Hackers Threaten to Release Stolen Emails From Trump’s Inner Circle
Source link
#McDonalds #Idiotic #Hiring #System #Leaked #Personal #Data #Millions #Job #Applicants
