14M Panera Bread customer records leaked: What do we know so far?
Hackers have claimed responsibility for a cyberattack against Panera Bread, a major American restaurant chain, that allegedly resulted in the leak of millions of customer and employee records.
-
ShinyHunters claim responsibility for hacking Panera Bread, allegedly leaking 14M customer and employee records.
-
Leaked data includes full names, email addresses, phone numbers, home addresses, and dates of birth from Panera customers.
-
Exposed individuals face risks including identity theft, fraudulent account creation, and targeted social engineering phishing attacks.
The Panera data breach was claimed by the ShinyHunters cyber cartel, after the gang posted the company on its dark web forum. The attackers claim they have access to a whopping 14 million records containing personally identifiable information (PII).
Panera Bread is a major casual restaurant chain in North America, with over 2,000 locations in the US and Canada. The company’s revenue hovers around $6.5 billion, with an employee count of 140,000. We have reached out to the company for comment and will update this article once we receive a reply.
Meanwhile, the Cybernews research team investigated the data sample that the attackers attached to their dark web post. According to the team, the leaked Panera Bread data breach details include employee and customer information, such as:
- Full names
- Usernames
- Work emails
- Personal email
- Phone numbers
- Home addresses
- Dates of birth
Our researchers believe that malicious actors could utilize the data to target exposed individuals. For one, attackers could exploit the data leak for identity theft, using stolen names and other personal details to set up fraudulent accounts or submit fraudulent tax claims.
Cybernews researchers have addressed the many dangers linked to identity theft and provided advice on how to protect against its woes.
Another item on the cybercrime menu is social engineering. Malicious actors could use Panera Bread employee emails to impersonate the company and target its customers. For example, attackers could distribute phishing emails that peddle malware.
Social engineering is among the most common types of cyberattacks users face. However, there are numerous ways that exposed individuals can guard against these types of cyberattacks.
Panera Bread’s supposed attackers, the ShinyHunters gang, are among the most aggressive cybergangs currently operating. The cybercrime collective was previously linked to multiple high-profile breaches and large-scale data theft campaigns, including last year’s Salesforce CRM data heist.
The cyberattack on Salesforce enabled numerous large-scale data thefts across hundreds of organizations, including big names ranging from Jaguar Land Rover, Gucci, and Chanel to Cisco Systems and Google.
Large restaurant chains like Panera Bread interest attackers due to the large volumes of customer and employee data they house. For example, last week Everest ransomware group claimed a McDonald's data breach.
Unlock more exclusive Cybernews content on YouTube.
