Panera Bread Leak May Have Affected 37 Million Accounts

rgMekanic

[H]ard|News
Joined
May 13, 2013
Messages
5,916
On April 2nd we covered that Panera Bread had apparently left millions of customer information available, as plain text, for the last 8 months. Shortly after the story was published, Panera Bread gave a statement to FOX Business stating:

"Our investigation to date indicates that fewer than 10,000 consumers have been potentially affected by this issue, and we are working diligently to finalize our investigation and take the appropriate next steps."

Now, more data has come out according to the original source KrebsOnSecurity, that between the links they had found, as well as subsequent links share by Hold Security indicate that the breach may be far larger than the 7 million initially reported. Krebs states that the vulnerabilities may extend into Panera Bread's commercial division, which services catering companies. At last count, the number of records exposed exceeds 37 million.
 

Haste266

Supreme [H]ardness
Joined
Sep 27, 2005
Messages
7,750
The only thing I am concerned with is how far back do the records go? I haven't eaten at a Panera Bread recently.
 

raz-0

Supreme [H]ardness
Joined
Mar 9, 2003
Messages
4,900
It's more than they originally announced? No way!

The level of competency exhibited in this so far is laughable.

Panera: Serves up data in clear text.

Security dude: Please stop this it is bad.

Panera: fixed.

Security dude: Simply requiring that someone made a free panera account to reach the plain text customer data is NOT fixing it!

Panera: hunh?
 

Gweenz

[H]ard|Gawd
Joined
Dec 18, 2003
Messages
1,216
The level of competency exhibited in this so far is laughable.

Panera: Serves up data in clear text.

Security dude: Please stop this it is bad.

Panera: fixed.

Security dude: Simply requiring that someone made a free panera account to reach the plain text customer data is NOT fixing it!

Panera: hunh?

I haven't read much about this particular breach, but that is absolutely pathetic, and not at all surprising.
 

thesmokingman

Supreme [H]ardness
Joined
Nov 22, 2008
Messages
6,617
Where's that dude that was defending panera post after post in the other thread?
 

Sedriss

Limp Gawd
Joined
Oct 18, 2004
Messages
393
Screw Panera after they ruined my Italian Combo... But ya I would like to know how far back it goes. It's been almost a year or so since I ate there last.
 

scojer

[H]F Junkie
Joined
Jun 13, 2009
Messages
8,359
So before it was only those with accounts. I haven't read up on it since, but is it anyone now? I don't have an account but ate there in the past 6 months. Did my CC info get compromised... again?
 

WhoMe

Gawd
Joined
Jan 3, 2018
Messages
827
37 million? No wonder this country has weight problem. ;) I always pay cash at the grocery store so what I eat is between me and my checker and bagger. Same applies everywhere now. My favorite was reading about the data the marijuana sellers collect, and they are a cash business. This world is going to collapse into a black hole with the weight of all the data being collected everywhere.
 

sparks

2[H]4U
Joined
Jun 19, 2004
Messages
3,206
appropriate next steps ROFL

just like the rest of these companies.....WE WILL MAKE EXCUSES while we cover our ass and customer, oh yea F the customer
 

RPKYGK

Weaksauce
Joined
Jan 1, 2018
Messages
101
Who the hell gives their info to a bread store. What a world. Don't want to miss out on 99 cent dinner rolls I guess!
 

Eickst

[H]ard|Gawd
Joined
Aug 24, 2005
Messages
1,884
What happened to the days of the punch out loyalty card? Why do I have to have an app
 

danc3

Weaksauce
Joined
Jan 13, 2015
Messages
117
Applebee's, MyFitnessPal and now this...

Gonna stick with cash until companies take data and security more seriously.
 

pgaster

[H]ard|Gawd
Joined
May 17, 2008
Messages
1,378
Talk about stretching the facts, " fewer than 10,000 consumers" equals 37 million.

You need to read the whole thing:

"Krebs states that the vulnerabilities may extend into Panera Bread's commercial division, which services catering companies. At last count, the number of records exposed exceeds 37 million."
 
Top