News

Millions of customer records leaked by Panerabread.com

Tuesday 3 April 2018 09:42 CET | News

Panerabread.com, the website for the US-based chain of bakery-cafe fast casual restaurants by the same name, leaked millions of customer records, according to KrebsOnSecurity.

Security expert Brian Krebs said on his blog that personal details such as names, email and physical addresses, birthdays and the last four digits of the customer’s credit card number have been accessed by criminals since August 2017. The company has more than 2,100 retail locations in the United States and Canada and it allows customers to order food online for pickup in stores or for delivery. Thus, customers who have signed up for an account to order food online via panerabread.com may have had their account attacked.

After this story was published, Panera gave a statement to Fox News stating that only 10,000 customer records were exposed. However, it is not clear how many Panera customer records may have been exposed by the company’s leaky website, but incremental customer numbers indexed by the site suggest that number may be higher than seven million, the security expert continues. Also, it is unclear whether Panera customer account passwords have been impacted.

In addition, the vulnerabilities also appear to have extended to the restaurant’s commercial division which serves countless catering companies. At last count, the number of customer records exposed in this breach appears to exceed 37 million, Brian Krebs concluded.


Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: Panera bread, data breach, KrebsOnSecurity, US, Canada, personal details, credit card number, online security, fraud prevention
Categories: Securing Transactions | Digital Identity, Security & Online Fraud
Countries: World
This article is part of category

Securing Transactions