On April 2nd we covered that Panera Bread had apparently left millions of customer information available, as plain text, for the last 8 months. Shortly after the story was published, Panera Bread gave a statement to FOX Business stating:
"Our investigation to date indicates that fewer than 10,000 consumers have been potentially affected by this issue, and we are working diligently to finalize our investigation and take the appropriate next steps."
Now, more data has come out according to the original source KrebsOnSecurity, that between the links they had found, as well as subsequent links share by Hold Security indicate that the breach may be far larger than the 7 million initially reported. Krebs states that the vulnerabilities may extend into Panera Bread's commercial division, which services catering companies. At last count, the number of records exposed exceeds 37 million.
"Our investigation to date indicates that fewer than 10,000 consumers have been potentially affected by this issue, and we are working diligently to finalize our investigation and take the appropriate next steps."
Now, more data has come out according to the original source KrebsOnSecurity, that between the links they had found, as well as subsequent links share by Hold Security indicate that the breach may be far larger than the 7 million initially reported. Krebs states that the vulnerabilities may extend into Panera Bread's commercial division, which services catering companies. At last count, the number of records exposed exceeds 37 million.