37 Million Panera Bread Customers Left Exposed

Spread the love

What happened?

Another day, another breach. This time, the spotlight is on nationwide restaurant chain Panera Bread.

Panera Bread recently confirmed a data breach that exposed up to 37 million customers. Names, email addresses, home addresses, phone numbers, birth dates, customer loyalty account numbers and the last four digits of saved credit cards were exposed.


Scope of Breach

  • Vulnerability first detected by security researcher Dylan Houlihan in August 2017
  • Up to 37 million customers impacted
  • Names, email addresses, home addresses, phone numbers, birth dates, customer loyalty account numbers and the last four digits of saved credit cards were compromised

Breach Timeline

The breach comes to light after security researcher Dylan Houlihan found a vulnerability on Panerabread.com – in August 2017. The vulnerability left Panera customer registration data accessible to the public.

Houlihan informed Panera Bread of the vulnerability when it was first found in August 2017. However, the leak was left unaddressed for nearly eight months, he said.

Panera Bread Chief Information Officer John Meister told Fox News that “fewer than 10,000 consumers have been potentially affected by this issue.” However, security expert Brian Krebs (KrebsOnSecurity) believes that number is closer to 37 million, not 10,000.

Even though payment information was not exposed, Krebs explains that even a customer loyalty account number can be misused. Identity thieves could use these numbers to identify customer files without needing their personal information, as well as abuse any prepaid funds existing on the account.

What should you do?

If you’ve been impacted by this breach, follow the tips below to prevent further misuse of your information:

  • Change the passwords to your email and Panera Bread loyalty accounts. Be sure to use strong passwords, and avoid reusing the same passwords for multiple accounts.
  • Be wary of calls you may receive shortly after the breach. Identity thieves can use the exposed information from the breach to target you in social engineering scams.
  • Secure any prepaid funds and saved payment cards associated with your Panera loyalty accounts.
  • Keep an eye on your financial statements and account balances to spot suspicious activity on your accounts.
  • Consider placing your phone number on the Do Not Call registry to avoid scam calls and other solicitors.


VISIT THE SOURCE ARTICLE
Author: John Burcham

Copyright © 2018 MINDSCULPT.ME