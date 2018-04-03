Panera Bread is the latest company to be hit by a data breach that exposed the information of its customers.
Here’s what you should know about it:
- The food chain said in a statement to Fox News that it resolved a data breach that revealed the personal information of thousands of its customers’ records.
- Panera Bread first learned about the issue through security researcher Dylan Houlihan eight months ago, but assumed it was a probable scam.
- The data breach reveals customer data in plain text, including records for any customer who signed up to order food through the company’s website.
- Information revealed includes the names of individuals, emails, physical addresses, birthdays and the last four digits of the credit cards they used.
- The Panera data breach is formatted through incremental unique identifiers, making it easy to attain. “Panera Bread uses sequential integers for account IDs,” Houlihan told KrebsOnSecurity, “which means that if your goal is to gather as much information as you can instead about someone, you can simply increment through the accounts and collect as much as you’d like, up to and including the entire database.”
- The company reportedly discovered that Houlihan’s findings were true and Panera was working on a fix. However, the company was still leaking data as of yesterday.
- The chain briefly took its website down yesterday but it is now back online.