Basic security flaws left the personal info of tens of millions of McDonald’s job-seekers vulnerable on the “McHire” site built by AI software firm Paradox.ai.
I hate any company that uses or builds AI to screen out hires so, so much. Tagging metadata is OK, but filtering is just evil (am/have been a hiring manager).
The company also added that it’s instituting a bug bounty program to better catch security vulnerabilities in the future. “We do not take this matter lightly, even though it was resolved swiftly and effectively,”
I also hate it more that I can’t hate them for doing the right thing.
They only did the right thing after getting caught openly doing the wrong thing, so I’d say I’d still be pissed.
They should have never put the system in place with such a simple vulnerability (which to me) says they take such a laxodasical approach to security that I wouldn’t trust them even now.
I hate any company that uses or builds AI to screen out hires so, so much. Tagging metadata is OK, but filtering is just evil (am/have been a hiring manager).
I also hate it more that I can’t hate them for doing the right thing.
They only did the right thing after getting caught openly doing the wrong thing, so I’d say I’d still be pissed.
They should have never put the system in place with such a simple vulnerability (which to me) says they take such a laxodasical approach to security that I wouldn’t trust them even now.