Panera's failure to disclose a known security breach: Difference between revisions

← Older edit Newer edit →

VisualWikitext

@@ Line 6: / Line 6: @@
 |Type=Security
 |Description=Company ignored security risks for 8 months, affecting 37 million users.
-}}
+}}Back in 02 August 2017, security researcher Dylan Houlihan notified [[Panera Bread|Panera]] [[Panera Bread|Bread]] of the breach that allowed hackers to access customers personal information via its website, however the company wouldn't take any action until 8 month later on 02 April 2018. This would eventually result in a lawsuit 3 days later, however it was eventually dismissed by the plaintiffs on June 2018.
-{{Ph-I-Int}}
-==Background==
-{{Ph-I-B}}https://web.archive.org/web/20180402220110/https://krebsonsecurity.com/2018/04/panerabread-com-leaks-millions-of-customer-records/
+https://web.archive.org/web/20180402220110/https://krebsonsecurity.com/2018/04/panerabread-com-leaks-millions-of-customer-records/
 https://www.malwarebytes.com/blog/news/2018/04/panerabread-com-breach-could-have-impacted-millions
@@ Line 21: / Line 21: @@
 https://medium.com/@djhoulihan/no-panera-bread-doesnt-take-security-seriously-bf078027f815
-https://www.classaction.org/blog/panera-bread-facing-lawsuit-over-potential-security-breach
+==Incident==
+On 02 August 2017, Security Researcher Dylan Houlihan first contacted Panera Bread security director Mike Gustavison of a breach containing customers information that includes full name, home address, email address, food preferences, username, phone number, birthday and last four digits of a debit/credit card in plain text.
-==[Incident]==
+== Security Researchers Response ==
 {{Ph-I-I}}
-===[Company]'s response===
+== [Company]'s response ==
 {{Ph-I-ComR}}
@@ Line 33: / Line 35: @@
 {{Ph-I-L}}
+https://www.classaction.org/blog/panera-bread-facing-lawsuit-over-potential-security-breach
 ==Consumer response==
 {{Ph-I-ConR}}
 ==References==
 {{reflist}}
-{{Ph-I-C}}
 [[Category:Panera Bread]]