Published: Wed, April 04, 2018
Finance | By Jaime Brady

Millions of Customer Records Leaked at Panera Bread

Millions of Customer Records Leaked at Panera Bread

The admission follows a report late yesterday by the blog KrebsOnSecurity claiming that Panera's breach lasted for eight months and likely leaked "millions of customer records", including "names, email and physical addresses, birthdays, and the last four digits of the customer's credit card number".

The bakery chain, which has more than 2,100 retail locations in the United States and Canada, allows customers to order food online for pickup in stores or for delivery. These records include email addresses, phone numbers, loyalty account numbers and home addresses.

According to Quartz, the data leak was discovered a year ago by Dylan Houlihan, the managing principal of New York-based Breaking Bits, a "data mining, reverse engineering and security consulting practice". This time it's Panera Bread that's reporting a possible data leak.

SpaceX Launching Supplies To International Space Station
Quartz reports that SpaceX is working through its existing Falcon 9 boosters ahead of a new version later this month. For more about some of the cool science leaving the planet today, watch the NASA video below.

North Korean leader attends concert by South Korean pop stars
She made a surprise appearance alongside a North Korean classical music ensemble during their performance in Seoul last month. South Korean girl band Red Velvet is seen after their performance in Pyongyang, North Korea, Sunday, April 1, 2018.

OnePlus 6 will have 'the speed you need' according to official teaser
It will be powered by Qualcomm Snapdragon 845 SoC, with an option for either 6GB or 8GB of RAM, and up to 256GB internal storage. For photography, the smartphone will come equipped with a dual rear camera setup with a combination of a 12MP and 20MP sensors.

Last August, Houlihan finally was introduced to the director of security with Panera and was told that Panera was working on a resolution. That eventually changed as the URLs of Panera now lead to a page that says, "access denied". In statements to Fox Business after Krebs published his piece, Panera's chief information officer John Meister called the issue "resolved" and said that the leaks affected "fewer than 10,000 consumers". It has since returned, and the data is no longer reachable. KrebsOnSecurity said the incremenatal customer numbers indexed by the site suggest that the number may be higher than 7 million, and it's also uncertain whether Panera customer account passwords may have been impacted.

"Following reports today of a potential problem on our website, we suspended the functionality to fix the issue", Meister continued.

"Now, after I was reassured this would be fixed, I checked on this vulnerability every month or so because my own data is in there, which means I'm personally affected by it", Houlihan wrote.

Like this: