Panera Bread Data Breach Could Affect 37 Million Consumers | Eater

"An established bakery-cafe chain and early fast-casual pioneer disclosed that its website exposed personal data for nearly a year before the vulnerable page was taken offline, potentially affecting customers in the U.S. and Canada who used online ordering (including corporate and catering accounts). Reportedly exposed data included names, email and mailing addresses, birthdays, and the last four digits of credit cards, and the chain’s loyalty card numbers were also leaked — these are tied to prepaid accounts and can be used by anyone with the number. Security researcher Dylan Houlihan discovered the breach last year and says the company initially dismissed the report as a scam before acknowledging and working on a fix; independent estimates put affected consumers at least in the tens of millions, while the company claims fewer than 10,000 may have been impacted and says there is no evidence payment card data was accessed. Affected customers are advised to review account information, change passwords, and monitor their credit reports." - Daniela Galarza