News

Panera website leaked customer data, claims security researcher

April 3, 2018

Panera Bread's website "leaked" millions of consumer data records, from emails to credit card digits, for at least eight months, according to a KrebsOnSecurity report.

The compromised data includes records relating to consumers signed up to order food online via the site. The data also included names, physical address and birthday information.

The security firm stated it learned about the breach from Dylan Houlihan, a security researcher. Houlihan claims he alerted Panera shortly after discovering the data leak, back in early August 2017.

KrebsOnSecurity stated the site was still leaking data as of this week. Panera is investigating and said in a statement that there is no evidence payment card data was accessed or retrieved.