There are no longer any surprises when it comes to the latest data breach announcements hitting the headlines. Is the commonality of this event not only softening our surprise, but also softening our resolve to fight cyberattacks? Krebs on Security brought this news to our attention in their article, “Panerabread.com Leaks Millions of Customer Records.”
Not that long ago, Panerabread.com reportedly leaked millions of customer records — including names, email and physical addresses, birthdays and the last four digits of the customer’s credit card number — for at least eight months before it was announced and temporarily shutdown. Much to my own surprise, the data available from Panera’s site appeared to include records for any customer who has signed up for an account to order food online – and that would include me.
They were notified of the potential breach eight months ago, but it appears the site was still leaking customer records in plain text for a substantial time following. Worse still, the records could be indexed and crawled by automated tools with very little effort.
Melody K. Smith
Sponsored by Data Harmony, a unit of Access Innovations, the world leader in indexing and making content findable.