Consumers who ordered food online from the bakery-cafe chain Panera Bread via the company’s website could potentially have had their payment information exposed.
Panerabread.com leaked eight months’ worth of customer records from its website, according to a report by KrebsOnSecurity.
The data leak included customer names, email and home addresses, birthdays, and the last four digits of credit card numbers. The beach affected "millions" of customers who ordered food on the company's website, panerabread.com, the blog post said.
Issue has been resolved
Panera claims that fewer than 10,000 consumers had potentially been affected by the breach and stated that the issue has since been resolved.
Although their investigation is ongoing, Panera maintains that there is no evidence of payment records or other large amounts of personal information being accessed or retrieved.
“Panera takes data security very seriously and this issue is resolved,” the company said in a statement. “Following reports today of a potential problem on our website, we suspended the functionality to repair the issue.”
“Our investigation is continuing, but there is no evidence of payment card information nor a large number of records being accessed or retrieved. Our investigation to date indicates that fewer than 10,000 consumers have been potentially affected by this issue and we are working diligently to finalize our investigation and take the appropriate next steps.”