Skip to Content
logologo
AI Incident Database
Open TwitterOpen RSS FeedOpen FacebookOpen LinkedInOpen GitHub
Open Menu
Discover
Submit
  • Welcome to the AIID
  • Discover Incidents
  • Spatial View
  • Table View
  • List view
  • Entities
  • Taxonomies
  • Submit Incident Reports
  • Submission Leaderboard
  • Blog
  • AI News Digest
  • Risk Checklists
  • Random Incident
  • Sign Up
Collapse
Discover
Submit
  • Welcome to the AIID
  • Discover Incidents
  • Spatial View
  • Table View
  • List view
  • Entities
  • Taxonomies
  • Submit Incident Reports
  • Submission Leaderboard
  • Blog
  • AI News Digest
  • Risk Checklists
  • Random Incident
  • Sign Up
Collapse
Entities

McDonald's

Incidents involved as both Developer and Deployer

Incident 11792 Report
McDonald's McHire AI Recruitment Platform Reportedly Exposed Data of 64 Million Applicants via Default Login and API Vulnerability

2025-06-30

Researchers Ian Carroll and Sam Curry reported that McDonald's AI-powered hiring tool, McHire (using Paradox.ai's "Olivia" chatbot), could purportedly be accessed via default admin credentials and an insecure direct object reference in an internal API. The flaws allegedly allowed viewing of applicants' personally identifiable information and chat histories. McDonald's and Paradox reportedly patched the issues within a day of disclosure; Paradox stated only five records were accessed.

More

Incident 5491 Report
Fast Food Chains' AI Chatbots Failed to Assist Job Applicants with Scheduling Interviews

2023-01-05

McDonald's, Wendy's, and Hardee's AI chatbots deployed to pre-screen job candidates and schedule interviews reportedly ran into issues such as not giving useful submission instructions, failing to relay information to the manager, and scheduling an interview when the manager was not available.

More

Incidents involved as Deployer

Incident 4756 Report
McDonald's Reportedly Ends IBM Partnership After AI Drive-Thru Ordering Errors at U.S. Locations

2021-06-02

Between 2021 and mid-2024, McDonald's reportedly piloted an AI-enabled voice ordering system that was developed with IBM and based on its 2019 acquisition of Apprente. It was reportedly deployed at at over 100 U.S. drive-thrus. Social media posts alleged frequent misorders, such as adding unwanted items, mixing adjacent lane orders, and ignoring corrections. In June 2024, McDonald's confirmed it ended the IBM pilot, citing plans to explore alternative voice-AI vendors.

More

Incident 3603 Report
McDonald's AI Drive-Thru Allegedly Collected Biometric Customer Data without Consent, Violating BIPA

2021-10-15

McDonald's use of chatbot in its AI drive-through in Chicago was alleged in a lawsuit to have collected and processed voice data without user consent to predict customer information, which violated Illinois Biometric Information Privacy Act (BIPA).

More

Related Entities
Other entities that are related to the same incident. For example, if the developer of an incident is this entity but the deployer is another entity, they are marked as related entities.
 

Entity

McD Tech Labs

Incidents involved as Developer
  • Incident 360
    3 Reports

    McDonald's AI Drive-Thru Allegedly Collected Biometric Customer Data without Consent, Violating BIPA

More
Entity

Apprente

Incidents involved as Developer
  • Incident 360
    3 Reports

    McDonald's AI Drive-Thru Allegedly Collected Biometric Customer Data without Consent, Violating BIPA

More
Entity

Shannon Carpenter

Incidents Harmed By
  • Incident 360
    3 Reports

    McDonald's AI Drive-Thru Allegedly Collected Biometric Customer Data without Consent, Violating BIPA

More
Entity

McDonald's customers residing in Illinois

Incidents Harmed By
  • Incident 360
    3 Reports

    McDonald's AI Drive-Thru Allegedly Collected Biometric Customer Data without Consent, Violating BIPA

More
Entity

McDonald's customers

Incidents Harmed By
  • Incident 475
    6 Reports

    McDonald's Reportedly Ends IBM Partnership After AI Drive-Thru Ordering Errors at U.S. Locations

  • Incident 360
    3 Reports

    McDonald's AI Drive-Thru Allegedly Collected Biometric Customer Data without Consent, Violating BIPA

More
Entity

IBM

Incidents involved as Developer
  • Incident 475
    6 Reports

    McDonald's Reportedly Ends IBM Partnership After AI Drive-Thru Ordering Errors at U.S. Locations

More
Entity

McDonald’s Automated Order Taking (AOT) voice AI system

Incidents implicated systems
  • Incident 475
    6 Reports

    McDonald's Reportedly Ends IBM Partnership After AI Drive-Thru Ordering Errors at U.S. Locations

More
Entity

Wendy's

Incidents involved as both Developer and Deployer
  • Incident 549
    1 Report

    Fast Food Chains' AI Chatbots Failed to Assist Job Applicants with Scheduling Interviews

More
Entity

Hardee's

Incidents involved as both Developer and Deployer
  • Incident 549
    1 Report

    Fast Food Chains' AI Chatbots Failed to Assist Job Applicants with Scheduling Interviews

More
Entity

fast food job applicants

Incidents Harmed By
  • Incident 549
    1 Report

    Fast Food Chains' AI Chatbots Failed to Assist Job Applicants with Scheduling Interviews

More
Entity

Amanda Claypool

Incidents Harmed By
  • Incident 549
    1 Report

    Fast Food Chains' AI Chatbots Failed to Assist Job Applicants with Scheduling Interviews

More
Entity

Paradox.ai

Incidents involved as both Developer and Deployer
  • Incident 1179
    2 Reports

    McDonald's McHire AI Recruitment Platform Reportedly Exposed Data of 64 Million Applicants via Default Login and API Vulnerability

More
Entity

McDonald's applicants

Incidents Harmed By
  • Incident 1179
    2 Reports

    McDonald's McHire AI Recruitment Platform Reportedly Exposed Data of 64 Million Applicants via Default Login and API Vulnerability

More
Entity

McHire

Incidents implicated systems
  • Incident 1179
    2 Reports

    McDonald's McHire AI Recruitment Platform Reportedly Exposed Data of 64 Million Applicants via Default Login and API Vulnerability

More
Entity

Paradox.ai's Olivia chatbot

Incidents implicated systems
  • Incident 1179
    2 Reports

    McDonald's McHire AI Recruitment Platform Reportedly Exposed Data of 64 Million Applicants via Default Login and API Vulnerability

More

Research

  • Defining an “AI Incident”
  • Defining an “AI Incident Response”
  • Database Roadmap
  • Related Work
  • Download Complete Database

Project and Community

  • About
  • Contact and Follow
  • Apps and Summaries
  • Editor’s Guide

Incidents

  • All Incidents in List Form
  • Flagged Incidents
  • Submission Queue
  • Classifications View
  • Taxonomies

2024 - AI Incident Database

  • Terms of use
  • Privacy Policy
  • Open twitterOpen githubOpen rssOpen facebookOpen linkedin
  • b9764d4