Panera Bread is feeling the heat from news that their website released personal info of millions of customers.
Panera Bread's website reportedly leaked customer records for at least eight months. Krebs On Security said the data leak includes names, email and physical addresses, birthdays and the last four digits of credit card numbers of "millions" of customers who ordered food online on the company's website.
Panera was informed of the security breach by Researcher Dylan Houlihan. The company was identified and notified about the vulnerability as far back as last August, but the company did nothing about it until Monday.
Panera Bread says the issue has been resolved. In a statement, an official with Panera Bread said the, "investigation is continuing, but there is no evidence of payment card information nor a large number of records being accessed or retrieved.”
While Panera downplays the issue, Krebs says the “fix” is exposing catering clients and others, to the tune of possibly 37 million.