Panera Bread’s website leaked customer records for at least eight months, according to a report by cyber security website KrebsOnSecurity. The firm said the leaked data included names, email and physical addresses, birthdays and the last four digits of credit card number of “millions” of customers who ordered online on the company’s website.
Panera Break issued a short statement sent to Reuters and other media outlets, saying the issue had been resolved.
“Our investigation is continuing, but there is no evidence of payment card information nor a large number of records being accessed or retrieved,” John Meister, CIO, Panera Bread, said in a statement. He also said the company’s investigation into the matter to date indicated that fewer than 10,000 consumers had been potentially affected.