Smashing Security #072: Why are firms so cr*p with our private data?

Grindr, MyFitnessPal, and Panera Bread. They’ve all had data breach scares of varying degrees this week. Some handled the security breaches well, some didn’t. We took a look at how well different firms are respecting your data privacy.
All this and mor… Continue reading Smashing Security #072: Why are firms so cr*p with our private data?

Panera Bread’s Website Reportedly Leaked Millions of Customer Records

The personal information of millions of Panera Bread customers was reportedly left exposed online for at least eight months. According to reports, the popular US bakery-café chain, which operates over 2,100 locations, was initially alerted of the … Continue reading Panera Bread’s Website Reportedly Leaked Millions of Customer Records

Panera Bread’s half-baked security

We’ve heard it all before. XYZ Company “takes your data security very seriously.” Most commonly you’ll hear these words just after a company has suffered an embarrassing data breach, perhaps having carelessly exposed the persona… Continue reading Panera Bread’s half-baked security

Panerabread.com Leaks Millions of Customer Records

Panerabread.com, the Web site for the American chain of bakery-cafe fast casual restaurants by the same name, leaked millions of customer records — including names, email and physical addresses, birthdays and the last four digits of the customer’s credit card number — for at least eight months before it was yanked offline earlier today, KrebsOnSecurity has learned.

The data available in plain text from Panera’s site appeared to include records for any customer who has signed up for an account to order food online via panerabread.com. The St. Louis-based company, which has more than 2,100 retail locations in the United States and Canada, allows customers to order food online for pickup in stores or for delivery. Continue reading Panerabread.com Leaks Millions of Customer Records