Panera Bread: Difference between revisions
| Line 24: | Line 24: | ||
===Securtiy Breach (2026)=== | ===Securtiy Breach (2026)=== | ||
https:// | On Late January, a hacker group known as ShinyHunters gained access to Panera Bread or one of their third parties systems by exploting '''[[Microsoft]]''' Entra SSO code, containing customers names, email addresses, phone numbers, and addresses. ShinyHunters demanded the company pay ransom to not release customers information around February, however the company refused, eventually leading to 5.4 million customers information being leaked online.<ref>{{Cite web |date=2 April 2026 |title=Panera Bread Microsoft Entra SSO Breach: ShinyHunters Leak 5.1 Million Customer Records in 2026 Data Attack |url=https://www.rescana.com/post/panera-bread-microsoft-entra-sso-breach-shinyhunters-leak-5-1-million-customer-records-in-2026-data |url-status=live |access-date=2 April 2026 |website=Rescana}}</ref><ref>{{Cite web |last=Gupta |first=Deepak |date=31 March 2026 |title=Panera’s 5.1 Million User Breach: When ‘No Hack’ Becomes a Ransomware Business Model |url=https://securityboulevard.com/2026/03/paneras-5-1-million-user-breach-when-no-hack-becomes-a-ransomware-business-model/ |url-status=live |access-date=2 April 2026 |website=Security Boulevard}}</ref><ref name=":1">{{Cite web |last=Knutsson |first=Kurt |date=19 February 2026 |title=Panera Bread data breach exposes 5.1M customers |url=https://www.foxnews.com/tech/panera-bread-data-breach-exposes-5-1-million-customers |url-status=live |access-date=2 April 2026 |website=Fox News}}</ref> | ||
[[File:ShinyHunters website Panera Bread data leak showcase.jpg|thumb|ShinyHunter website]] | |||
<blockquote>''"We have your customer database. Pay $X in cryptocurrency within 48 hours, or we publish everything. If you pay, we delete the data and provide proof."''</blockquote> | |||
https://www.restaurantbusinessonline.com/technology/panera-faces-multiple-lawsuits-following-data-breach | |||
In a statement made by Panera Bread CEO Paul Carbone, he stated that the vulnerability was fixed and didn't include financial information nor other information of its other services.<ref>{{Cite web |last=Jennings |first=Lisa |date=23 February 2026 |title=Panera faces multiple lawsuits following data breach |url=https://www.restaurantbusinessonline.com/technology/panera-faces-multiple-lawsuits-following-data-breach |url-status=live |access-date=30 March 2026 |website=Restaurant Buisness}}</ref><blockquote>''“We had independent security experts. We quickly identified the cause and strengthened controls for that third-party application.” And, importantly, the data involved did not include any payment information, employee systems, MyPanera accounts, or Unlimited Sip Club.”''</blockquote>Starting 29 January through February, the company would receive several lawsuits that alleges the company failure to secure consumer information by not encrypting users data. As of April 2026, the lawsuit is still pending litigation.<ref>{{Cite web |date=6 February 2026 |title=Panera Bread hit with two class action lawsuits over data breach |url=https://topclassactions.com/lawsuit-settlements/lawsuit-news/panera-bread-hit-with-two-class-action-lawsuits-over-data-breach/ |url-status=live |access-date=30 March 2026 |website=Top Class Action}}</ref><ref>{{Cite web |date=2 April 2026 |title=Cardin v. Panera Brands, Inc. |url=https://dockets.justia.com/docket/missouri/moedce/4:2026cv00125/225942 |url-status=live |access-date=2 April 2026 |website=Justia}}</ref><ref name=":1" /> | |||
==Products== | ==Products== | ||