Fast-food chain McDonald's has made news because of an AI chatbot flaw:

"McDonald’s AI Hiring Bot Exposed Millions of Applicants' Data to Hackers Using the Password ‘123456’" (Wired)

In its own statement to WIRED, McDonald’s agreed that Paradox.ai was to blame. “We’re disappointed by this unacceptable vulnerability from a third-party provider, Paradox.ai. As soon as we learned of the issue, we mandated Paradox.ai to remediate the issue immediately, and it was resolved on the same day it was reported to us,” the statement reads. “We take our commitment to cyber security seriously and will continue to hold our third-party providers accountable to meeting our standards of data protection.”

Periodic reminder: the more sensitive the data – that is, the more susceptible it is to misuse – the more effort you must use in securing it.

Don't collect data you can't protect!