Panera Bread's website leaked customer records


We will update this article if and when we hear back. On his LinkedIn page, Houlihan calls himself the managing principal of Break Bits, a NY-based data mining, security consulting and reverse engineering practice.

Panera Bread is under fire for reportedly spending months ignoring a website flaw that exposed thousands of customers' personal information.

The truth is that it's a courageous organisation which promises it will never suffer a serious security incident. Often, in fact, the response to a security breach will be more critical to your company's brand than the incident itself. Sunset Hills-based Panera operates locally as St. Louis Bread Co. Let me explain why...

The information included names, email and physical addresses, birthdays and the last four digits of the credit card numbers of customers who ordered food for delivery on the company's website.

In a just-published Medium post with images of old email exchanges, Houlihan stated that he reached out via email, Twitter, and LinkedIn to Panera Bread's director of information security, Mike Gustavison, upon discovering the breach, but received no reply.

Reuters reports that Panera Bread says the issue has been resolved.


"Despite an explicit acknowledgement of the issue and a promise to fix it, Panera Bread sat on the vulnerability and, as far as I can tell, did nothing about it for eight months", Houlihan wrote.

The data breach may also affect customers of other catering companies that fall under Panera's commercial division.

Krebs, no doubt, assumed that the problem was being resolved.

Fast forward to early [Monday] afternoon - exactly eight months to the day after Houlihan first reported the problem - and data shared by Houlihan indicated the site was still leaking customer records in plain text.

@onsecurity now believes up to 37 million customer records may have been affected. At the time of writing, the website is once again unavailable.
