NPR

For Months, Panera Bread Website Reportedly Exposed Millions Of Customer Records

Panera's response was "half-baked," security analyst Brian Krebs said. Another researcher says he alerted the company to a "massive" flaw issue last August.
Panera Bread's website went down for part of Monday — eight months after the chain was warned that its site wasn't protecting sensitive customer data. Source: Joe Raedle

It started with a warning email last summer, from a security researcher who told Panera Bread that its website was exposing sensitive customer data. But after the problem went unfixed for months, the researcher went public with proof of the flaw. Another analyst said Panera's response was "half-baked."

"Originally I was content to wait eight months for Panera to fix this on their own," researcher Dylan Houlihan said in his story on the Medium website. "But this is ridiculous."

After the issue was flagged on Monday, Panera's website was taken down.

You're reading a preview, sign up to read more.

More from NPR

NPR2 min read
Alt.Latino Playlist: Cuban Rap, Soulful Shoegaze And A Transformation From The Ravine
Orishas returns with a piano ballad for existentialist insomniacs, Chicago's Divino Niño offers a dream-pop ballad and Mateo Kingman teams up with Gustavo Santaolalla.
NPR4 min readPolitics
What Trump May Be Missing In Those Polls He Calls Fake
Polls taken 18 months before an election are not predictive, but they have sent signals that proved helpful when heeded by presidents in the past.
NPR4 min readSociety
'You Don't Own Me,' A Feminist Anthem With Civil Rights Roots, Is All About Empathy
Ever since a 17-year-old Lesley Gore sang it in 1963, the coolly mutinous song has moved women to reject passive femininity. Its writers, though, say there are layers of resistance in its words.