McDonald’s AI hiring breach: what NHI teams need to fix

TL;DR: McDonald’s AI hiring platform exposed data from an estimated 64 million applicants after a default admin credential of 123456 and an IDOR flaw let researchers reach live records, according to Oasis Security. The case shows how weak NHI governance, not just application logic, can turn an AI workflow into a broad exposure event.

NHIMG editorial — based on content published by Oasis Security covering the McDonald’s AI hiring tool breach: McDonald’s AI Hiring Tool Breach: A Wake-Up Call for Non-Human Identity Security

By the numbers:

• Enterprise AI adoption grew by 187% between 2023 and 2025.
• Security spending increased by only 43% during the same period.

Questions worth separating out

Q: What breaks when default credentials exist on an AI workflow account?

A: A default credential turns a non-human identity into a ready-made entry point, especially when the account sits behind a chatbot, hiring portal, or API gateway.

Q: Why do AI hiring tools increase non-human identity risk?

A: AI hiring tools concentrate sensitive workflow access into service accounts, admin panels, and API calls that often sit outside normal human IAM review.

Q: What do teams get wrong about IDOR in AI applications?

A: Teams often treat IDOR as a simple application bug, but in AI-driven workflows it is also an authorisation problem tied to backend identity scope.

Practitioner guidance

• Eliminate default credentials on all AI workflow administrators Inventory every bot, admin panel, and service account tied to AI-enabled hiring or intake systems, then force unique secrets before go-live.
• Test object-level authorisation on applicant and customer APIs Run IDOR-focused tests against every API exposed behind an AI interface, including sequential identifier checks and permission boundary validation.
• Treat chatbot backends as privileged NHI surfaces Classify the backend identities that support AI hiring, support, or onboarding as high-risk non-human accounts and review their scopes separately from the user-facing application.

What's in the full analysis

Oasis Security's full blog post covers the operational detail this post intentionally leaves for the source:

• The specific McHire access path, including the default administrator credential and how the live hiring environment was reached.
• The step-by-step IDOR behavior that let records be enumerated sequentially, which implementation teams can use for testing.
• The vendor's recommended discovery, rotation, and decommissioning approach for non-human identities tied to AI workflows.
• The platform-specific monitoring and anomaly-detection functions described by the vendor for compromised NHI usage.

👉 Read Oasis Security’s analysis of the McDonald’s AI hiring tool breach →

McDonald’s AI hiring breach: what NHI teams need to fix?

Explore further

View Full Forum →  |  NHI Foundation Course →