NPR

For Months, Panera Bread Website Reportedly Exposed Millions Of Customer Records

Panera's response was "half-baked," security analyst Brian Krebs said. Another researcher says he alerted the company to a "massive" flaw issue last August.
Panera Bread's website went down for part of Monday — eight months after the chain was warned that its site wasn't protecting sensitive customer data. Source: Joe Raedle

It started with a warning email last summer, from a security researcher who told Panera Bread that its website was exposing sensitive customer data. But after the problem went unfixed for months, the researcher went public with proof of the flaw. Another analyst said Panera's response was "half-baked."

"Originally I was content to wait eight months for Panera to fix this on their own," researcher Dylan Houlihan said in his story on the Medium website. "But this is ridiculous."

After the issue was flagged on Monday, Panera's website was taken down.

Sie lesen eine Vorschau. Registrieren Sie sich, um mehr zu lesen.

Mehr von NPR

NPR3 min gelesenMedical
FDA Authorizes Johnson & Johnson's One-Shot COVID-19 Vaccine
The Food and Drug Administration gave Johnson & Johnson's vaccine the green light for emergency use Saturday, a day after a panel of advisers to the agency endorsed it in a unanimous vote.
NPR3 min gelesen
To Summarize, 'Infinite Country' Can Be Frustrating
Patricia Engels' novel about the experiences of a Colombian family migrating to the U.S. stands out for its sharp writing — but frustrates in equal measure because of its reliance on summary.
NPR2 min gelesenCrime & Violence
Dozens Of Kidnapped Nigerian Students Freed; Hundreds Of Others Still Missing
The students, who were taken from a school more than a week ago, say they were beaten by the kidnappers. Police are still looking for hundreds of schoolgirls kidnapped Friday.