Mastodawn

“Pretty uniquely dystopian compared to a normal hiring process, right? And that's what made me want to look into it more,” says @iangcarroll. “After 30 minutes, we had full access to virtually every application that's ever been made to McDonald's going back years.”

Andy Greenberg 4d ago

McDonald's uses an AI chatbot called "Olivia" for hiring. A pair of hackers found they could access every conversation job applicants had with it—including all the personal info they shared—by exploiting security vulnerabilities as basic as using the password "123456".

https://www.wired.com/story/mcdonalds-ai-hiring-chat-bot-paradoxai/

McDonald’s AI Hiring Bot Exposed Millions of Applicants' Data to Hackers Using the Password ‘123456’

Basic security flaws left the personal info of tens of millions of McDonald’s job-seekers vulnerable on the “McHire” site built by AI software firm Paradox.ai.

WIRED

Show thread

Andy Greenberg Jul 3

Out today in the UK! (And Australia!)

Andy Greenberg Jun 30

In 3 days, a slick new UK edition of Sandworm comes out with a new cover and new foreword that aims to capture in a few pages the events of the 5+ years since the book first published: www.amazon.co.uk/Operation-Sa...

The publisher has tweaked the title to "Operation Sandworm" for UK reasons I don't entirely understand, but it's the same book, and hopefully will now reach a new audience.

https://www.amazon.co.uk/Operation-Sandworm-Hunt-Kremlins-Invisible/dp/1800963130

Andy Greenberg Jun 27

Wishing everyone a contemplative NotPetya/Khouzestan steel mill cyberattack/Live Free or Diehard theatrical premiere day.

(No I don't think all these cyberwar-related events are actually connected just because they happened on the same date but this stuff is in my brain so now it's in yours.)

Andy Greenberg Jun 27

Somehow it's considered antisemitic to protest this in America or suggest it should be resisted. In fact, it's antisemitic to think that this has anything to do with judaism rather than a murderous regime's campaign of conquest. https://www.haaretz.com/israel-news/2025-06-27/ty-article-magazine/.premium/idf-soldiers-ordered-to-shoot-deliberately-at-unarmed-gazans-waiting-for-humanitarian-aid/00000197-ad8e-de01-a39f-ffbe33780000

Show thread

Andy Greenberg Jun 23

The operations that use these markets enslave tens of thousands of people across SE Asia. As former prosecutor Erin West puts it, Telegram has "the ability to shut down a scam economy and the trafficking of human beings. Instead, they’re hosting Craigslist for crypto scammers.”

Show thread

Andy Greenberg Jun 23

Instead Telegram sent me a statement about helping users achieve "financial autonomy" in China despite capital controls there.

But Elliptic points out these markets offer scammers money laundering, stolen data for targeting and other assorted illicit services like prostitution.

Show thread

Andy Greenberg Jun 23

After its takedowns last month, crypto tracing firm Elliptic warned Telegram that the scammers and their enablers would just shift to the next-biggest markets, and shared an extensive list of their channels and usernames with Telegram. It declined to ban any of them.

Andy Greenberg Jun 23

A month ago, Telegram banned the two biggest black markets for crypto scammer services, hosted on its platform, which had done $35 billion in transactions.

Then it watched those markets rebuild to their previous size and has done nothing to stop them.

https://www.wired.com/story/telegram-purged-chinese-crypto-scam-markets-then-let-them-rebuild/

Telegram Purged Chinese Crypto Scam Markets—Then Watched as They Rebuilt

Last month, Telegram banned black markets that sold tens of billions of dollars in crypto scam-related services. Now, as those markets rebrand and bounce back, it’s done nothing to stop them.

WIRED

Website:	https://andygreenberg.net/
WIRED page:	https://www.wired.com/author/andy-greenberg/
Birdsite:	https://twitter.com/a_greenberg
Bluesky:	@agreenberg.bksy.social