For Months, Panera Bread Website Reportedly Exposed Millions Of Customer Records

Panera's response was "half-baked," security analyst Brian Krebs said. Another researcher says he alerted the company to a "massive" flaw issue last August.
Panera Bread's website went down for part of Monday — eight months after the chain was warned that its site wasn't protecting sensitive customer data. Source: Joe Raedle

It started with a warning email last summer, from a security researcher who told Panera Bread that its website was exposing sensitive customer data. But after the problem went unfixed for months, the researcher went public with proof of the flaw. Another analyst said Panera's response was "half-baked."

"Originally I was content to wait eight months for Panera to fix this on their own," researcher Dylan Houlihan said in his story on the Medium website. "But this is ridiculous."

After the issue was flagged on Monday, Panera's website was taken down.

You're reading a preview, sign up to read more.

More from NPR

NPR3 min readSociety
Amid Protests Against Police Violence LA Mayor Eric Garcetti Announces Cuts To LAPD
The department was set to receive a staggering increase in its annual budget from $1.189 billion to $1.86 billion for the 2020-2021 year. But on Wednesday Garcetti said he's looking to make deep cuts.
NPR6 min readPolitics
Trump Wants Show Of Force To Cure National Crisis
Even in calmer times, Trump has spoken of having military parades in Washington, such as on his Inauguration Day or the Fourth of July, in the style of those held by the French on the Champs d'Elysee.
NPR4 min read
'The Vanishing Half' Counts The Terrible Costs Of Bigotry And Secrecy
Brit Bennett's triumphant new novel follows two light-skinned black sisters whose lives take very different paths; you'll keep turning pages not to find out what happens, but who these women are.