Report: Customer records leaked on Panera ordering website
An internet security investigator is reporting that a website used by Panera Bread leaked millions of customer records over an eight-month period.
An internet security investigator is reporting that a website used by Panera Bread leaked millions of customer records over an eight-month period.
According to KrebsOnSecurity.com, names, email and physical addresses, birthdays and the last four digits of the customer’s credit card number were available on Panerabread.com until Monday.
According to former Washington Post reporter Brian Krebs, data on customers who signed up for an account to order food online appeared in plain text.
Krebs reports that anyone could search for customer information including phone number, email address, physical address or loyalty account number.
Panera was alerted about the data leakage in early August 2017 and said it was fixing the problem then, according to Krebs.
KrebsOnSecurity says the company website was briefly taken offline after they spoke with Panera Chief Information Officer John Meister by phone Monday.
The website was put back online later Monday, but the data no longer appeared to be reachable, according to Krebs.
Reuters is reporting that Panera Bread is saying that the issue has been resolved.
