Basic security flaws left the personal info of tens of millions of McDonald’s job-seekers vulnerable on the “McHire” site built by AI software firm Paradox.ai.
I hate any company that uses or builds AI to screen out hires so, so much. Tagging metadata is OK, but filtering is just evil (am/have been a hiring manager).
The company also added that it’s instituting a bug bounty program to better catch security vulnerabilities in the future. “We do not take this matter lightly, even though it was resolved swiftly and effectively,”
I also hate it more that I can’t hate them for doing the right thing.
They only did the right thing after getting caught openly doing the wrong thing, so I’d say I’d still be pissed.
They should have never put the system in place with such a simple vulnerability (which to me) says they take such a laxodasical approach to security that I wouldn’t trust them even now.
Speak for yourself, I’m holding out hope that the universe is actually a little fair, and that the dolt responsible to creating that password, and subsequently fucking over millions of people has their testicles ruptured. Who are these idiots?
I hate any company that uses or builds AI to screen out hires so, so much. Tagging metadata is OK, but filtering is just evil (am/have been a hiring manager).
I also hate it more that I can’t hate them for doing the right thing.
They only did the right thing after getting caught openly doing the wrong thing, so I’d say I’d still be pissed.
They should have never put the system in place with such a simple vulnerability (which to me) says they take such a laxodasical approach to security that I wouldn’t trust them even now.
Speak for yourself, I’m holding out hope that the universe is actually a little fair, and that the dolt responsible to creating that password, and subsequently fucking over millions of people has their testicles ruptured. Who are these idiots?