Here's your daily reminder there's no such thing as true security.
Panera Bread,Watch Watery Boarding House Online the beloved St. Louis-based bakery chain, is the latest company to show how much it doesn't care about protecting customer data.
SEE ALSO: Hackers steal credit card data from 5 million Saks and Lord & Taylor customersThe food chain's website reportedly left its customers' personal data completely exposed for anyone to scoop up.
Data including "names, email and physical addresses, birthdays and the last four digits of the customer’s credit card number" were leaked online according to cybersecurity expert Brian Krebs, who helped publicize the news.
Security professional Dylan Houlihan first discovered Panera Bread's website was leaking customer data (including his own) in easily readable plain text in August 2017.
After a series of emails and false accusations claiming he was a scammer or was interested in a bounty, Mike Gustavison, Panera Bread’s Information Security Director, finally responded and said they were working on a resolution.
Eight months roll by — all the while, Houlihan's checking every month to see if the security hole has been fixed — and nothing happens. Houlihan decides enough is enough and forces Panera Bread's hand by getting Krebs to publicize the flaw in hopes of forcing the company to expedite a fix.
It's believed millions of users' data could have been exposed. Panera Bread, however, has downplayed the severity of the data leak, telling Fox News "only 10,000 customer records were exposed."
Panera Bread then said the company had fixed the security flaw, but Krebs discovered it wasn't in fact patched:
Almost in an instant, multiple sources — especially @holdsecurity — pointed out that Panera had basically “fixed” the problem by requiring people to log in to a valid user account at panerabread.com in order to view the exposed customer records (as opposed to letting just anyone with the right link access the records).
@onsecurity now believes up to 37 million customer records may have been affected.
At the time of publishing, Panera Bread's website remains down.
Original image has been replaced. Credit: Mashable We've reached out to Panera Bread for comment on why it ignored Houlihan's warnings and failed to fix the flaw for eight months. We will update this article if and when we hear back.
Topics Cybersecurity
Previous:Two Poems
Bridging the Healthcare Divide in West Virginia
An Interview with Michael Hofmann
I tried the viral TikTok adjustable buttons and they actually work pretty well
Sleep of the Just by Sadie Stein
Sweet, Sweet Existentialism
The Windows on the World Contest Finalists
Polestar's new electric car will have a smartphone to match
Annotations by Paul Muldoon
Reverse Robin Hoods
'The Afterparty' Season 2 ending explained: Who killed Edgar?
A Right to Police Accountability
The Morning News Roundup for December 9, 2014
René Magritte Was Born on This Day in 1898
The Morning News Roundup for December 1, 2014
The Long Battle for Medicaid
The Morning News Roundup for December 4, 2014
TikTok is reviving the 2014 Tumblr
Why Migraines are the Most Glamorous of Headaches
Foul Shot
A Marvelous Crutch: An Interview with Brad Zellar
'Game of Thrones' Season 8 answers the question of Ed Sheeran's fateThis Donald Trump waxwork will send shivers down your spine14 hilarious responses to the John Lewis Christmas adInternet Explorer exploit is trouble even if you never use the browserIrish couple live tweets journey to receive legal abortion in EnglandAnother John Lewis Christmas ad, another Twitter explosion for this poor guy'Game of Thrones' fans are analysing Arya Stark's secret weapon designDonald Glover used AirDrop to give people free shoes at Coachella'Game of Thrones': The most shocking and brutal deathsDear People Magazine: Please stop pretending the Trump presidency is normalChrissy Teigen got kicked out of John Legend's 'Game of Thrones' viewing partySelena Gomez delivers a surprise Coachella performance with Cardi BThis Donald Trump waxwork will send shivers down your spineRise up: America’s students stage school walkouts following Trump victoryYes, 'Avengers: Endgame' is Stan Lee's final Marvel cameoDC Universe subscription service gets a surprise Xbox One launchPeople are burning their sneakers over New Balance's perceived Donald Trump endorsementApple vs. Qualcomm: Everything you need to know'Game of Thrones' fans are analysing Arya Stark's secret weapon design'Star Wars Jedi: Fallen Order' is a solo story game with no loot boxes Porn age verification plans are being put on hold in the UK once again 'Harry Potter: Wizards Unite' disappoints with rough debut: Review Millennial burnout can be beat with the right self It’s a mistake to think that our online and IRL lives are separate Man's live tweets from a café prove love isn't dead just yet Netflix is testing a picture A glossary of 2016, the words that defined the year New browser plug The best returning TV shows of 2019 'Jessica Jones' ended well, but Netflix's Marvel shows deserved better Senate bill would force big tech to reveal the value of your personal data Acting confident online isn't the same as being right Apple's 16 The time has come to wrap your tech accessories in a burrito There's a hidden easter egg on J.K. Rowling's new website 'Rogue One' star Diego Luna really wants to touch Jabba the Hutt Google wants you to know it's only releasing good devices this year Liam Hemsworth makes an adorably awkward appearance in the Cyrus Christmas photo Amazon Air adds another 15 cargo aircraft YouTube reportedly considering overhauls to kids content
2.1981s , 10129.4609375 kb
Copyright © 2025 Powered by 【Watch Watery Boarding House Online】,Wisdom Convergence Information Network